CVE-2024-8075

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)

Published: Aug 22, 2024 / Updated: 2mo ago

CVSS 5.3 / EPSS 0.05% / Medium

Summary

A critical vulnerability has been discovered in the setDiagnosisCfg function of TOTOLINK AC1200 T8 firmware version 4.1.5cu.862_B20230228. This vulnerability allows for OS command injection and can be exploited remotely without requiring user interaction or special privileges.

Impact

Successful exploitation of this vulnerability could lead to complete compromise of the affected system. An attacker could potentially execute arbitrary OS commands with the privileges of the web server, leading to unauthorized access, data theft, system manipulation, or using the device as a pivot for further attacks on the network. The impact is severe as it affects all three main aspects of security: confidentiality, integrity, and availability, all rated as "HIGH" in the CVSS v3.1 scoring.

Exploitation

There is no evidence that a public proof-of-concept exists, and no evidence of exploitation at the moment.

Patch

As of the latest information provided, no patch is available for this vulnerability. The vendor (TOTOLINK) was contacted about this disclosure but did not respond, indicating that a fix may not be immediately forthcoming.

Mitigation

Given the severity of the vulnerability and the lack of a patch, the following mitigation steps are recommended:

1. Immediately isolate affected TOTOLINK AC1200 T8 devices from the network, especially from internet exposure.
2. If possible, disable the setDiagnosisCfg function or any related diagnostic features until a patch is available.
3. Implement strong network segmentation to limit potential lateral movement if a device is compromised.
4. Monitor for any suspicious activities or unauthorized access attempts on these devices.
5. Consider replacing the affected devices with alternative, secure products if TOTOLINK does not provide a timely patch.
6. Regularly check for firmware updates from TOTOLINK and apply them as soon as they become available.
7. Implement additional network security measures such as firewalls and intrusion detection systems to help detect and prevent exploitation attempts.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Timeline

First Article

Feedly found the first article mentioning CVE-2024-8075.

Aug 22, 2024 at 7:39 PM / CVE

CVSS Estimate

Feedly estimated the CVSS score as HIGH

Aug 22, 2024 at 7:40 PM

CVSS

A CVSS base score of 9.8 has been assigned.

Aug 29, 2024 at 10:00 PM / nvd

Affected Systems

Totolink/t8_firmware

Attack Patterns

CAPEC-108: Command Line Execution through SQL Injection

News

CVE-2024-8075
Medium Severity. Description: A vulnerability has been found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228 and classified as critical. Affected by this vulnerability is the function setDiagnosisCfg. The manipulation leads to os command injection. The attack can be launched remotely. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. Read more at https://www.tenable.com/cve/CVE-2024-8075
CVE-2024-8075 - TOTOLINK AC1200 T8 Remote OS Command Injection Vulnerability
CVE ID: CVE-2024-8075. Published: Aug. 22, 2024, 8:15 p.m. Description: A vulnerability has been found in TOTOLINK AC1200 T8 4.1.5cu.862_B20230228 and classified as critical. Affected by this vulnerability is the function setDiagnosisCfg. The manipulation leads to os command injection. The attack can be launched remotely.

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability Impact: High
