CVE advisoryCRITICAL
CVE-2024-52723
TOTOLINK X6000R Firmware Command Execution
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability exists in TOTOLINK router firmware that could allow an unauthenticated attacker to execute arbitrary commands. This occurs due to insufficient parameter filtering in the `shttpd` file's `Uci_Set Str` function, enabling the injection of malicious commands. Readers should care to assess if this technology