Cyber Resilience

CVE-2023-52041

Critical · Public PoC

Published: 16 January 2024
Modified: 17 June 2025
KEV Added: not listed
Patch: none referenced
CVSS Score (v3.1): 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0026 (50.0th percentile)
Risk Priority: 20 (weights: 60% EPSS · 20% KEV · 20% CVSS)
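
The Risk Priority line gives the weights but not how the three inputs are put on a common scale. The following is an added example, not the site's own scoring code: it assumes each component is normalised to 0-100 (EPSS probability × 100, KEV membership as 0 or 100, CVSS base score × 10) and, under that assumption, reproduces the displayed value of 20 for this CVE. It also scores the EPSS peak the page reports and a hypothetical KEV listing, to show what moves the number.

```python
"""Reproduce the page's Risk Priority from its stated weights.

Added example, not the site's own scoring code. The weights (60% EPSS,
20% KEV, 20% CVSS) are taken from the page; the normalisation of each
component to a common 0-100 scale is an assumption that happens to
reproduce the displayed value of 20 for CVE-2023-52041.
"""
from dataclasses import dataclass

# Weights as printed on the page.
WEIGHTS = {"epss": 0.60, "kev": 0.20, "cvss": 0.20}


@dataclass(frozen=True)
class CveMetrics:
    epss: float       # EPSS probability of exploitation within 30 days, 0.0-1.0
    in_kev: bool      # listed in the CISA KEV catalog
    cvss_base: float  # CVSS v3.1 base score, 0.0-10.0


def components(m: CveMetrics) -> dict[str, float]:
    """Map each input onto 0-100 (assumed scaling, see module docstring)."""
    if not 0.0 <= m.epss <= 1.0:
        raise ValueError(f"EPSS must be a probability, got {m.epss}")
    if not 0.0 <= m.cvss_base <= 10.0:
        raise ValueError(f"CVSS base score out of range: {m.cvss_base}")
    return {
        "epss": m.epss * 100.0,              # probability -> percent
        "kev": 100.0 if m.in_kev else 0.0,   # catalog membership as a step
        "cvss": m.cvss_base * 10.0,          # 0-10 -> 0-100
    }


def risk_priority(m: CveMetrics) -> float:
    """Weighted sum of the normalised components, on a 0-100 scale."""
    c = components(m)
    return sum(WEIGHTS[k] * c[k] for k in WEIGHTS)


# Values from the page's metric lines.
CVE_2023_52041 = CveMetrics(epss=0.0026, in_kev=False, cvss_base=9.8)
# Same CVE at the EPSS peak of 0.0563 the page reports for 2025-01-22.
AT_EPSS_PEAK = CveMetrics(epss=0.0563, in_kev=False, cvss_base=9.8)
# Hypothetical: what a KEV listing would add, all else equal.
IF_KEV_LISTED = CveMetrics(epss=0.0026, in_kev=True, cvss_base=9.8)

if __name__ == "__main__":
    for label, m in (("current", CVE_2023_52041),
                     ("EPSS peak", AT_EPSS_PEAK),
                     ("if added to KEV", IF_KEV_LISTED)):
        print(f"{label:>16}: {risk_priority(m):6.2f} -> {round(risk_priority(m))}")
```

Under this scaling the CVSS term contributes 19.6 of the 19.76 points, so at an EPSS of 0.0026 the score is almost entirely a restatement of the base score; the 60% EPSS weight only starts to matter once the probability climbs (the January 2025 peak lifts the result to about 23), and a KEV listing would add a flat 20 points.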

Summary

CVE-2023-52041 is a critical-severity vulnerability in TOTOLINK X6000R firmware. No CWE has been assigned, so the weakness type is recorded as unspecified. Its CVSS v3.1 base score is 9.8 (Critical).

Operationally, EPSS ranks it at the 50.0th percentile by exploit likelihood, i.e. at the median of scored CVEs; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

CVE-2023-52041 is a remote code execution vulnerability in the TOTOLINK X6000R router running firmware V9.4.0cu.852_B20230719. The flaw resides in the function labelled sub_410118 in the shttpd web server binary. That name is a disassembler-assigned placeholder (the binary is stripped), so the affected routine has no symbolic name and the advisory does not identify the HTTP endpoint or parameter that reaches it. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) yields a base score of 9.8: network-reachable, low attack complexity, and no privileges or user interaction required.

An unauthenticated attacker who can reach the shttpd service sends crafted requests that drive the vulnerable function into executing attacker-supplied code, giving full compromise of the router's confidentiality, integrity, and availability. Because shttpd is the device's management web server, practical exposure depends on whether that interface is reachable from the WAN (remote management enabled or the HTTP port forwarded); on a LAN-only configuration the attacker first needs a position on the local network.

The EPSS score rose from a low baseline to a peak of 0.0563 on 2025-01-22 before receding to the current 0.0026. This is a temporary rise in the model's predicted exploitation likelihood, not evidence of observed attacks. The available references report neither a vendor patch nor real-world exploitation campaigns.

Vulnerability details

An issue discovered in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows attackers to run arbitrary code via the sub_410118 function of the shttpd program.

CWE(s)

None assigned; the weakness type is recorded as unspecified.

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: totolink
Product: x6000r firmware
Version: 9.4.0cu.852_b20230719
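
The affected-asset entry is written CPE-style (lower case, no leading "V"), while the vendor and the vulnerability text write the build as V9.4.0cu.852_B20230719; a naive string compare across an inventory misses the match. The following is an added example, not from the page: it normalises both forms and flags inventory records on the affected build. The inventory records are constructed sample data, and the "0.0.0" build is a placeholder rather than a real release.

```python
"""Flag asset-inventory records matching the affected TOTOLINK X6000R build.

Added example, not from the page. The affected vendor, product and version
come from the page's Affected Assets list; the inventory records are
constructed sample data. Vendor-style strings ('V9.4.0cu.852_B20230719')
and CPE-style strings ('9.4.0cu.852_b20230719') differ in case and in the
leading 'V', so both sides are normalised before comparison.
"""
import re

AFFECTED = {
    "vendor": "totolink",
    "product": "x6000r",
    "versions": {"9.4.0cu.852_b20230719"},
}


def normalize_version(raw: str) -> str:
    """Strip a leading 'V'/'v' and lower-case the build string."""
    return re.sub(r"^[vV]", "", raw.strip()).lower()


def normalize_model(raw: str) -> str:
    """Drop a trailing 'firmware' token plus spaces, hyphens and underscores."""
    m = re.sub(r"\s*firmware$", "", raw.strip(), flags=re.IGNORECASE)
    return re.sub(r"[\s_-]+", "", m).lower()


def is_affected(vendor: str, model: str, firmware: str) -> bool:
    """Exact match against the listed build.

    A non-match means 'not the listed build', not 'fixed': the page lists no
    patched version, so other builds must be assessed separately.
    """
    return (vendor.strip().lower() == AFFECTED["vendor"]
            and normalize_model(model) == AFFECTED["product"]
            and normalize_version(firmware) in AFFECTED["versions"])


def find_affected(inventory: list[dict]) -> list[str]:
    """Return host identifiers of records on the affected build."""
    return [r["host"] for r in inventory
            if is_affected(r["vendor"], r["model"], r["firmware"])]


# Constructed sample inventory. 'OTHER-MODEL' and the 0.0.0 build are
# placeholders, not real products or releases.
SAMPLE_INVENTORY = [
    {"host": "branch-a-gw", "vendor": "TOTOLINK", "model": "X6000R",
     "firmware": "V9.4.0cu.852_B20230719"},
    {"host": "branch-b-gw", "vendor": "TOTOLINK", "model": "X6000R",
     "firmware": "V0.0.0cu.000_B00000000"},
    {"host": "branch-c-gw", "vendor": "TOTOLINK", "model": "OTHER-MODEL",
     "firmware": "V9.4.0cu.852_B20230719"},
    {"host": "lab-ap", "vendor": "OtherVendor", "model": "X6000R",
     "firmware": "V9.4.0cu.852_B20230719"},
]

if __name__ == "__main__":
    for host in find_affected(SAMPLE_INVENTORY):
        print(f"{host}: on affected build, CVE-2023-52041 applies")
```

Only the first record matches: the second is a different build, the third a different product, the fourth a different vendor. Because the page references no fix, a device on another build should be checked against the vendor's release notes rather than assumed patched.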

Mitigating Controls

No mitigating controls mapped yet; the per-CVE control annotator has not reached this CVE. Until it does, the generic controls for an unauthenticated flaw in a router's embedded web server apply: keep shttpd unreachable from the WAN (remote management disabled, no port-forward to the device's HTTP port), restrict LAN-side access to the management interface to trusted hosts, and treat a device on the affected build that has been internet-exposed as potentially compromised, since no vendor fix is referenced.
