Check Point Advisories

TOTOLINK Multiple Routers Command Injection (CVE-2024-42736; CVE-2024-42737; CVE-2024-42738; CVE-2024-42739; CVE-2024-42740; CVE-2024-42741; CVE-2024-42742; CVE-2024-42743; CVE-2024-42744; CVE-2024-42745; CVE-2024-42747; CVE-2024-42748; CVE-2024-43533)

Check Point Reference: CPAI-2023-1859
Date Published: 5 Aug 2024
Severity: Critical
Last Updated: Thursday 06 February, 2025
Source:
Industry Reference:CVE-2024-42736
CVE-2024-42737
CVE-2024-42738
CVE-2024-42739
CVE-2024-42740
CVE-2024-42741
CVE-2024-42742
CVE-2024-42743
CVE-2024-42744
CVE-2024-42745
CVE-2024-42747
CVE-2024-42748
CVE-2024-43533
Protection Provided by:

Security Gateway
R81, R80, R77, R75
Who is Vulnerable? TOTOLINK A3100R 4.1.2cu.5050_B20200504
TOTOLINK A3600R 4.1.2cu.5182_B20201102
TOTOLINK A3700R 9.1.2u.5822_B20200513
TOTOLINK AC1200 T8 4.1.5cu.861_B20230220
TOTOLINK LR1200 9.3.1cu.2832
TOTOLINK LR1200GB 9.1.0u.6619_B20230130
TOTOLINK LR350 9.3.5u.6369_B20220309
TOTOLINK N200RE 9.3.5u.6139_B20201216
TOTOLINK NR1800X V9.1.0u.6279_B20210910
TOTOLINK T10 4.1.8cu.5207
TOTOLINK X18 9.1.0cu.2024_B20220329
TOTOLINK X5000R 9.1.0cu.2300_B20230112
TOTOLINK X5000R V9.1.0cu.2350_B20230313
TOTOLINK X5000R v9.1.0cu.2300_B20230112
TOTOLINK X5000R v9.1.0cu.2350_b20230313
TOTOLINK X5000r v9.1.0cu.2350_b20230313
TOTOLINK X6000R 9.4.0cu.852_20230719
TOTOLINK X6000R AX3000 9.4.0cu.852_20230719
TOTOLINK X6000R v9.4.0cu.852_B20230719
Vulnerability Description A command injection vulnerability exists in multiple TOTOLINK routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system.

Protection Overview

This protection detects attempts to exploit this vulnerability.

In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, click on Protection tab and select the version of your choice.

Security Gateway R81 / R80 / R77 / R75

  1. In the IPS tab, click Protections and find the TOTOLINK Multiple Routers Command Injection protection using the Search tool and Edit the protection's settings.
  2. Install policy on all Security Gateways.

This protection's log will contain the following information:

Attack Name:  Application Servers Protection Violation.
Attack Information:  TOTOLINK Multiple Routers Command Injection

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK