CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
81.1%
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the command parameter of the setting/setTracerouteCfg component.
Vendor | Product | Version | CPE |
---|---|---|---|
totolink | x6000r_firmware | 9.4.0cu.652_b20230116 | cpe:2.3:o:totolink:x6000r_firmware:9.4.0cu.652_b20230116:*:*:*:*:*:*:* |
totolink | x6000r_firmware | 9.4.0cu.852_b20230719 | cpe:2.3:o:totolink:x6000r_firmware:9.4.0cu.852_b20230719:*:*:*:*:*:*:* |
totolink | x6000r | - | cpe:2.3:h:totolink:x6000r:-:*:*:*:*:*:*:* |