CVE-2023-29799
Published: 14 April 2023
Summary
CVE-2023-29799 is a critical-severity Command Injection (CWE-77) vulnerability in Totolink X18 Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 5.3% of CVEs by exploit likelihood. It is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
Deeper analysis
CVE-2023-29799 is a command-injection flaw (CWE-77) in the TOTOLINK X18 wireless router running firmware version V9.1.0cu.2024_B20220329. The vulnerability resides in the setOpModeCfg function, where the hostname parameter is passed to a system command without adequate sanitization, allowing arbitrary command execution.
An unauthenticated attacker can exploit the issue over the network by sending a crafted HTTP request containing shell metacharacters in the hostname field. Successful exploitation grants the attacker full control of the device, enabling actions such as configuration changes, traffic interception, or use of the router as a foothold for further attacks inside the local network. The CVSS 3.1 base score of 9.8 reflects the absence of required authentication or user interaction.
The associated EPSS score rose from a low baseline to a peak of 0.2264 before settling at the current value of 0.1490, indicating that exploitation interest increased measurably after public disclosure and that the vulnerability merits renewed attention.
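The defect class described above, a request parameter reaching a shell unchecked, is closed by allow-listing the hostname before it is used. The following C sketch is an added example, not TOTOLINK firmware code; `hostname_is_valid` and `accept_hostname` are hypothetical names, and the RFC 1123 length limits are the assumed policy.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define HOSTNAME_MAX 253 /* RFC 1123 total length limit */
#define LABEL_MAX    63  /* RFC 1123 per-label limit */

/* Allow-list check: letters, digits, '-' inside a label, '.' between labels.
 * Returns 1 for a syntactically valid hostname, 0 otherwise. */
int hostname_is_valid(const char *s)
{
    size_t len, label_len = 0;
    if (s == NULL) return 0;
    len = strlen(s);
    if (len == 0 || len > HOSTNAME_MAX) return 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)s[i];
        if (c == '.') {               /* label separator */
            if (label_len == 0 || s[i - 1] == '-') return 0;
            label_len = 0;
        } else if (c < 0x80 && (isalnum(c) || c == '-')) {
            if (c == '-' && label_len == 0) return 0;  /* leading '-' */
            if (++label_len > LABEL_MAX) return 0;
        } else {
            return 0;                 /* anything else, incl. ; | & $ ` space */
        }
    }
    return label_len > 0 && s[len - 1] != '-';  /* no trailing '.' or '-' */
}

/* Hypothetical handler step: copy the parameter into out only if it validates.
 * Returns 0 on success, -1 on rejection. The caller passes out to
 * sethostname(2) or an argv-based exec call, never into a system() string. */
int accept_hostname(const char *param, char *out, size_t outlen)
{
    if (!hostname_is_valid(param) || strlen(param) >= outlen) return -1;
    memcpy(out, param, strlen(param) + 1);
    return 0;
}

int main(void)
{
    /* Constructed sample values, not taken from any real request. */
    const char *samples[] = { "router-01", "x18.lan", "lab;x", "$(x)", "-bad", "ok-." };
    char buf[HOSTNAME_MAX + 1];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-10s %s\n", samples[i],
               accept_hostname(samples[i], buf, sizeof buf) == 0 ? "accepted" : "rejected");
    return 0;
}
```

Rejecting by allow-list rather than stripping known-bad characters means a metacharacter missed by a block-list cannot slip through.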
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-33337
Vulnerability details
TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability via the hostname parameter in the setOpModeCfg function.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.