Security Advisory

CVE-2024-35397

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-28 14:33:46

Last updated 2025-02-13 15:58:41

Assigner mitre

State PUBLISHED

Description

TOTOLINK CP900L v4.1.5cu.798_B20221228 weas discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

← Browse all CVEs View on cve.org ↗