Sign-up

ID

VAR-202401-0454


CVE

CVE-2024-0291


TITLE

TOTOLINK  of  lr1200gb  Command injection vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2024-001223

DESCRIPTION

A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. It has been rated as critical. This issue affects the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249857 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. TOTOLINK of lr1200gb Firmware contains a command injection vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. The TOTOLINK LR1200GB is a dual-band 4G LTE wireless router manufactured by TOTOLINK, a Chinese company. It supports both 2.4GHz and 5GHz dual-band networks and is primarily used to provide mobile broadband connectivity and Wi-Fi coverage. This vulnerability stems from the fact that the FileName parameter of the UploadFirmwareFile function on the /cgi-bin/cstecgi.cgi page fails to properly filter special characters and commands used to construct commands. Detailed vulnerability information is currently unavailable

Trust: 2.25

sources: NVD: CVE-2024-0291 // JVNDB: JVNDB-2024-001223 // CNVD: CNVD-2025-30275 // VULMON: CVE-2024-0291

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-30275

AFFECTED PRODUCTS

vendor:totolinkmodel:lr1200gbscope:eqversion:9.1.0u.6619_b20230130

Trust: 1.0

vendor:totolinkmodel:lr1200gbscope:eqversion: -

Trust: 0.8

vendor:totolinkmodel:lr1200gbscope:eqversion:lr1200gb firmware 9.1.0u.6619 b20230130

Trust: 0.8

vendor:totolinkmodel:lr1200gbscope: - version: -

Trust: 0.8

vendor:totolinkmodel:lr1200gb 9.1.0u.6619 b20230130scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2025-30275 // JVNDB: JVNDB-2024-001223 // NVD: CVE-2024-0291

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com: CVE-2024-0291
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2024-0291
value: HIGH

Trust: 1.0

NVD: CVE-2024-0291
value: HIGH

Trust: 0.8

CNVD: CNVD-2025-30275
value: MEDIUM

Trust: 0.6

cna@vuldb.com: CVE-2024-0291
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2025-30275
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

cna@vuldb.com: CVE-2024-0291
baseSeverity: MEDIUM
baseScore: 6.3
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: LOW
exploitabilityScore: 2.8
impactScore: 3.4
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2024-0291
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2024-0291
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2025-30275 // JVNDB: JVNDB-2024-001223 // NVD: CVE-2024-0291 // NVD: CVE-2024-0291

PROBLEMTYPE DATA

problemtype:CWE-77

Trust: 1.0

problemtype:Command injection (CWE-77) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2024-001223 // NVD: CVE-2024-0291

PATCH

title:Patch for TOTOLINK LR1200GB UploadFirmwareFile Function Command Injection Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/778506

Trust: 0.6

sources: CNVD: CNVD-2025-30275

EXTERNAL IDS

db:NVDid:CVE-2024-0291

Trust: 3.3

db:VULDBid:249857

Trust: 1.7

db:JVNDBid:JVNDB-2024-001223

Trust: 0.8

db:CNVDid:CNVD-2025-30275

Trust: 0.6

db:VULMONid:CVE-2024-0291

Trust: 0.1

sources: CNVD: CNVD-2025-30275 // VULMON: CVE-2024-0291 // JVNDB: JVNDB-2024-001223 // NVD: CVE-2024-0291

REFERENCES

url:https://github.com/jylsec/vuldb/blob/main/totolink/lr1200gb/uploadfirmwarefile/readme.md

Trust: 1.9

url:https://vuldb.com/?id.249857

Trust: 1.7

url:https://vuldb.com/?ctiid.249857

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2024-0291

Trust: 0.8

url:https://cwe.mitre.org/data/definitions/77.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2025-30275 // VULMON: CVE-2024-0291 // JVNDB: JVNDB-2024-001223 // NVD: CVE-2024-0291

SOURCES

db:CNVDid:CNVD-2025-30275
db:VULMONid:CVE-2024-0291
db:JVNDBid:JVNDB-2024-001223
db:NVDid:CVE-2024-0291

LAST UPDATE DATE

2025-12-19T22:59:41.647000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-30275date:2025-12-09T00:00:00
db:VULMONid:CVE-2024-0291date:2024-01-08T00:00:00
db:JVNDBid:JVNDB-2024-001223date:2024-02-01T05:41:00
db:NVDid:CVE-2024-0291date:2024-05-17T02:34:29.257

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-30275date:2025-12-08T00:00:00
db:VULMONid:CVE-2024-0291date:2024-01-08T00:00:00
db:JVNDBid:JVNDB-2024-001223date:2024-02-01T00:00:00
db:NVDid:CVE-2024-0291date:2024-01-08T01:15:10.850