TOTOLINK X5000R OS Command Injection Vulnerability in WiFi Scheduling Configuration

An OS command injection vulnerability has been identified in the TOTOLINK X5000R router, specifically in firmware version V9.1.0cu.2350_B20230313. The vulnerability arises in the 'setWiFiScheduleCfg' function within the '/web/cgi-bin/cstecgi.cgi' file. Authenticated attackers can exploit this issue by sending crafted requests that include malicious payloads, allowing them to execute arbitrary commands on the device.

Impact

Exploitation of this vulnerability allows for arbitrary command execution on the affected device.

Reproduction

To reproduce this vulnerability, send a POST request to '/cgi-bin/cstecgi.cgi' with the 'sMinute' parameter (along with other schedule-related parameters) containing a payload that includes OS commands. The injected commands will be executed on the device, demonstrating the command injection vulnerability.