Command injection

2023-02-1415:15:00

PRIOn knowledge base

www.prio-n.com

totolink

command injection

vulnerability

setpasswordcfg

admuser parameter

0.64 Medium

EPSS

Percentile

97.9%

TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the admuser parameter in the setPasswordCfg function.

CPENameOperatorVersion
ca300-poe_firmwareeq6.2.99884

CPE	Name	Operator	Version
	ca300-poe_firmware	eq	6.2.99884

References

github.com/iceyjchen/VulnerabilityProjectRecords/blob/main/setPasswordCfg_admuser/setPasswordCfg_admuser.md

0.64 Medium

EPSS

Percentile

97.9%

Related for PRION:CVE-2023-24160