CVE-2023-52041
Published: 16 January 2024
Summary
CVE-2023-52041 is a critical-severity vulnerability of unspecified weakness type in Totolink X6000R Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, it is ranked at the 50.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
CVE-2023-52041 is a remote code execution vulnerability in the TOTOLINK X6000R router running firmware version V9.4.0cu.852_B20230719. The flaw resides in the sub_410118 function of the shttpd web server program and carries a CVSS 3.1 score of 9.8, reflecting network-accessible exploitation without authentication or user interaction.
An unauthenticated attacker can send crafted requests over the network to trigger the vulnerable function and execute arbitrary code on the device, resulting in full compromise of the router's confidentiality, integrity, and availability.
The EPSS score rose from a low baseline to a peak of 0.0563 on 2025-01-22 before receding to the current value of 0.0026, indicating a temporary increase in exploitation interest after public disclosure. No information on vendor patches or real-world exploitation campaigns is provided in the available references.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-56720
Vulnerability details
An issue discovered in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows attackers to run arbitrary code via the sub_410118 function of the shttpd program.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.