CVE-2024-51141

An issue in TOTOLINK Bluetooth Wireless Adapter A600UB allows a local attacker to execute arbitrary code via the WifiAutoInstallDriver.exe and MSASN1.dll components.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:totolink:a6000ub_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:totolink:a6000ub:-:*:*:*:*:*:*:*

History

17 Jun 2025, 01:07

Type Values Removed Values Added
CPE cpe:2.3:h:totolink:a6000ub:-:*:*:*:*:*:*:*
cpe:2.3:o:totolink:a6000ub_firmware:-:*:*:*:*:*:*:*
References () https://infosecwriteups.com/dll-hijacking-in-totolink-a600ub-driver-installer-13787c4d97b4 - () https://infosecwriteups.com/dll-hijacking-in-totolink-a600ub-driver-installer-13787c4d97b4 - Third Party Advisory, Exploit
First Time Totolink a6000ub
Totolink
Totolink a6000ub Firmware

18 Nov 2024, 17:11

Type Values Removed Values Added
Summary
  • (es) Un problema en el adaptador inalámbrico Bluetooth TOTOLINK A600UB permite a un atacante local ejecutar código arbitrario a través de los componentes WifiAutoInstallDriver.exe y MSASN1.dll.

15 Nov 2024, 19:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
CWE CWE-354

15 Nov 2024, 19:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-15 19:15

Updated : 2025-06-17 01:07


NVD link : CVE-2024-51141

Mitre link : CVE-2024-51141

CVE.ORG link : CVE-2024-51141


JSON object : View

Products Affected

totolink

  • a6000ub
  • a6000ub_firmware
CWE
CWE-354

Improper Validation of Integrity Check Value