Lucene search

K
cve[email protected]CVE-2022-32993
HistoryAug 29, 2022 - 9:15 p.m.

CVE-2022-32993

2022-08-2921:15:09
web.nvd.nist.gov
24
5
cve-2022-32993
totolink
a7000r
v4.1cu.4134
access control
cgi
exportsettings.sh
nvd

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.007

Percentile

80.0%

TOTOLINK A7000R V4.1cu.4134 was discovered to contain an access control issue via /cgi-bin/ExportSettings.sh.

Affected configurations

NVD
Node
totolinka7000r_firmwareMatch4.1cu.4134
AND
totolinka7000rMatch-
VendorProductVersionCPE
totolinka7000r_firmware4.1cu.4134cpe:/o:totolink:a7000r_firmware:4.1cu.4134:::

Social References

More

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.5

Confidence

High

EPSS

0.007

Percentile

80.0%

Related for CVE-2022-32993