ID

VAR-202401-0453


CVE

CVE-2024-0295


TITLE

OS command injection vulnerability in TOTOLINK lr1200gb firmware

Trust: 0.8

sources: JVNDB: JVNDB-2024-001219

DESCRIPTION

A vulnerability, which was classified as critical, was found in Totolink LR1200GB 9.1.0u.6619_B20230130. This affects the function setWanCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hostName leads to OS command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249861 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

An OS command injection vulnerability exists in the TOTOLINK lr1200gb firmware. Information may be obtained, information may be tampered with, and service operation may be interrupted (DoS).

The TOTOLINK LR1200GB is a dual-band 4G LTE wireless router manufactured by TOTOLINK, a Chinese company. It supports both 2.4GHz and 5GHz dual-band networks and is primarily used to provide mobile broadband connectivity and Wi-Fi coverage. The TOTOLINK LR1200GB contains an operating system command injection vulnerability. This vulnerability stems from the fact that the hostName parameter of the setWanCfg function on the /cgi-bin/cstecgi.cgi page is not properly filtered for special characters and commands when it is used to construct commands. Detailed vulnerability information is currently unavailable.

Trust: 2.25

sources: NVD: CVE-2024-0295 // JVNDB: JVNDB-2024-001219 // CNVD: CNVD-2025-30281 // VULMON: CVE-2024-0295

IOT TAXONOMY

category: ['Network device'], sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-30281

AFFECTED PRODUCTS

vendor: totolink, model: lr1200gb, scope: eq, version: 9.1.0u.6619_b20230130

Trust: 1.0

vendor: totolink, model: lr1200gb, scope: eq, version: -

Trust: 0.8

vendor: totolink, model: lr1200gb, scope: eq, version: lr1200gb firmware 9.1.0u.6619 b20230130

Trust: 0.8

vendor: totolink, model: lr1200gb, scope: -, version: -

Trust: 0.8

vendor: totolink, model: lr1200gb 9.1.0u.6619 b20230130, scope: -, version: -

Trust: 0.6

sources: CNVD: CNVD-2025-30281 // JVNDB: JVNDB-2024-001219 // NVD: CVE-2024-0295

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2024-0295
value: HIGH

Trust: 1.0

nvd@nist.gov: CVE-2024-0295
value: CRITICAL

Trust: 1.0

NVD: CVE-2024-0295
value: CRITICAL

Trust: 0.8

CNVD: CNVD-2025-30281
value: HIGH

Trust: 0.6

cna@vuldb.com: CVE-2024-0295
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2025-30281
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

cna@vuldb.com: CVE-2024-0295
baseSeverity: HIGH
baseScore: 7.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 3.9
impactScore: 3.4
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2024-0295
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2024-0295
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-30281 // JVNDB: JVNDB-2024-001219 // NVD: CVE-2024-0295 // NVD: CVE-2024-0295

PROBLEMTYPE DATA

problemtype: CWE-78

Trust: 1.0

problemtype: OS Command injection (CWE-78) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2024-001219 // NVD: CVE-2024-0295

PATCH

title: Patch for TOTOLINK LR1200GB setWanCfg function operating system command injection vulnerability
url: https://www.cnvd.org.cn/patchInfo/show/778501

Trust: 0.6

sources: CNVD: CNVD-2025-30281

EXTERNAL IDS

db: NVD, id: CVE-2024-0295

Trust: 3.3

db: VULDB, id: 249861

Trust: 2.5

db: JVNDB, id: JVNDB-2024-001219

Trust: 0.8

db: CNVD, id: CNVD-2025-30281

Trust: 0.6

db: VULMON, id: CVE-2024-0295

Trust: 0.1

sources: CNVD: CNVD-2025-30281 // VULMON: CVE-2024-0295 // JVNDB: JVNDB-2024-001219 // NVD: CVE-2024-0295

REFERENCES

url: https://vuldb.com/?id.249861

Trust: 2.5

url: https://github.com/jylsec/vuldb/blob/main/totolink/lr1200gb/setwancfg/readme.md

Trust: 1.9

url: https://vuldb.com/?ctiid.249861

Trust: 1.1

url: https://nvd.nist.gov/vuln/detail/cve-2024-0295

Trust: 0.8

url: https://cwe.mitre.org/data/definitions/78.html

Trust: 0.1

url: https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2025-30281 // VULMON: CVE-2024-0295 // JVNDB: JVNDB-2024-001219 // NVD: CVE-2024-0295

SOURCES

db: CNVD, id: CNVD-2025-30281
db: VULMON, id: CVE-2024-0295
db: JVNDB, id: JVNDB-2024-001219
db: NVD, id: CVE-2024-0295

LAST UPDATE DATE

2025-12-19T22:45:54.666000+00:00


SOURCES UPDATE DATE

db: CNVD, id: CNVD-2025-30281, date: 2025-12-09T00:00:00
db: VULMON, id: CVE-2024-0295, date: 2024-01-08T00:00:00
db: JVNDB, id: JVNDB-2024-001219, date: 2024-02-01T05:39:00
db: NVD, id: CVE-2024-0295, date: 2024-05-17T02:34:29.690

SOURCES RELEASE DATE

db: CNVD, id: CNVD-2025-30281, date: 2025-12-08T00:00:00
db: VULMON, id: CVE-2024-0295, date: 2024-01-08T00:00:00
db: JVNDB, id: JVNDB-2024-001219, date: 2024-02-01T00:00:00
db: NVD, id: CVE-2024-0295, date: 2024-01-08T04:15:08.287