Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-36783

TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection via the host_time parameter in the NTPSyncWithHost function.

Published

2024-06-03T20:15:09.370

Last Modified

2025-04-04T16:32:22.820

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses
  • Type: Secondary
    CWE-77
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System totolink lr350_firmware 9.3.5u.6369_b20220309 Yes
Hardware totolink lr350 - No
References