Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-51228 PoC — TOTOLINK多款产品 安全漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2024/CVE-2024-51228.yaml
Associated Vulnerability
Title:TOTOLINK多款产品 安全漏洞 (CVE-2024-51228)
Description:TOTOLINK A3002RU等都是中国吉翁电子(TOTOLINK)公司的产品。TOTOLINK A3002RU是一款无线路由器产品。TOTOLINK N300RT是一款符合 802.11n 标准的无线路由器。TOTOLINK N150RT是一款无线路由器。 TOTOLINK多款产品存在安全漏洞,该漏洞源于组件boafrm/formSysCmd可导致远程攻击者执行任意代码。受影响产品如下:TOTOLINK-CX-A3002RU V1.0.4-B20171106.1512、TOTOLINK-CX-N150
Description
An issue in TOTOLINK-CX-A3002RU V1.0.4-B20171106.1512 and TOTOLINK-CX-N150RT V2.1.6-B20171121.1002 and TOTOLINK-CX-N300RT V2.1.6-B20170724.1420 and TOTOLINK-CX-N300RT V2.1.8-B20171113.1408 and TOTOLINK-CX-N300RT V2.1.8-B20191010.1107 and TOTOLINK-CX-N302RE V2.0.2-B20170511.1523 allows a remote attacker to execute arbitrary code via the /boafrm/formSysCmd component.
File Snapshot

 id: CVE-2024-51228

info:
  name: TOTOLINK CX-A3002RU - Remote Code Execution
  author: DhiyaneshDK


...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.