3 matches found
CVE-2022-36456
creationtimestamp| type| source ---|---|--- 2022-08-25 18:23:30+00:00| seen| https://t.me/cibsecurity/48726...
CVE-2022-36456
TOTOLink A720R V4.1.5cu.532B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi...
CVE-2022-36456
Totolink A720R firmware 4.1.5cu.532_B20210610 contains a command-injection flaw in /cstecgi.cgi caused by insufficient sanitization of the username parameter. This yields potential local command execution. The PT-2022-23380 advisory confirms the affected version and recommends restricting access ...