Vulnerabilities (CVE)

Filtered by vendor Totolink Subscribe
Filtered by product Cp300\+
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-31856 1 Totolink 2 Cp300\+, Cp300\+ Firmware 2023-05-25 N/A 9.8 CRITICAL
A command injection vulnerability in the hostTime parameter in the function NTPSyncWithHostof TOTOLINK CP300+ V5.2cu.7594_B20200910 allows attackers to execute arbitrary commands via a crafted http packet.