{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59297?format=json","vulnerability_id":"VCID-tddy-8ez2-8ygb","summary":"TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the \"hour\" parameter in setScheduleCfg.","aliases":[{"alias":"CVE-2024-57015"}],"fixed_packages":[],"affected_packages":[],"references":[{"reference_url":"https://github.com/tiger5671/Vulnerabilities/blob/main/TOTOLINK%20X5000R/setScheduleCfg/setScheduleCfg.md","reference_id":"setScheduleCfg.md","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-01-16T14:54:16Z/"}],"url":"https://github.com/tiger5671/Vulnerabilities/blob/main/TOTOLINK%20X5000R/setScheduleCfg/setScheduleCfg.md"},{"reference_url":"https://www.totolink.net/","reference_id":"www.totolink.net","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-01-16T14:54:16Z/"}],"url":"https://www.totolink.net/"}],"weaknesses":[],"exploits":[],"severity_range_score":"8.8 - 8.8","exploitability":null,"weighted_severity":null,"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tddy-8ez2-8ygb"}