Lucene search
HistoryJan 17, 2023 - 7:15 p.m.
CVE-2022-47853
totolink a7100ru
v7.4cu.2313_b20191024
command injection
vulnerability
httpd service
stable root shell
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.449
Percentile
97.5%
TOTOlink A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection Vulnerability in the httpd service. An attacker can obtain a stable root shell through a specially constructed payload.
Affected configurations
Node
totolinka7100ruMatch-
totolinka7100ru_firmwareMatch7.4cu.2313_b20191024
| Vendor | Product | Version | CPE |
|---|---|---|---|
| totolink | a7100ru | - | cpe:2.3:h:totolink:a7100ru:-:*:*:*:*:*:*:* |
| totolink | a7100ru_firmware | 7.4cu.2313_b20191024 | cpe:2.3:o:totolink:a7100ru_firmware:7.4cu.2313_b20191024:*:*:*:*:*:*:* |
References
Related
prion
prion
Command injection
2023-01-17 19:15:00
cve
cve
CVE-2022-47853
2023-01-17 19:15:11
cvelist
cvelist
CVE-2022-47853
2023-01-17 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.449
Percentile
97.5%
Related for NVD:CVE-2022-47853