Lucene search
K

6 matches found

Nuclei
Nuclei
added 7 hours ago34 views

TOTOLink - Unauthenticated Command Injection

TOTOLink A950RG V5.9c.4050B20190424 and V4.1.2cu.5204B20210112 were discovered to contain a command injection vulnerability in the Main function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter. id: CVE-2022-25082 info: name: TOTOLink -...

9.8CVSS7.6AI score0.16089EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/22 10:31 p.m.6 views

CVE-2022-25082

TOTOLink A950RG V5.9c.4050B20190424 and V4.1.2cu.5204B20210112 were discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

9.8CVSS8.7AI score0.16089EPSS
Exploits1References1
Check Point Advisories
Check Point Advisories
added 2022/10/30 12:0 a.m.4 views

TOTOLink A860R Command Injection (CVE-2022-25076; CVE-2022-25078; CVE-2022-25079; CVE-2022-25080; CVE-2022-25081; CVE-2022-25082; CVE-2022-25083; CVE-2022-25084)

A command injection vulnerability exists in TOTOLink A860R. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS5.3AI score0.24845EPSS
Exploits8
OSV
OSV
added 2022/02/24 3:15 p.m.6 views

CVE-2022-25082

TOTOLink A950RG V5.9c.4050B20190424 and V4.1.2cu.5204B20210112 were discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

9.8CVSS7.5AI score0.16089EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/02/22 10:44 p.m.21 views

CVE-2022-25082

TOTOLink A950RG V5.9c.4050B20190424 and V4.1.2cu.5204B20210112 were discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

10AI score0.16089EPSS
Exploits1References1
CVE
CVE
added 2022/02/22 10:44 p.m.236 views

CVE-2022-25082

Totolink A950RG firmware versions V5.9c.4050_B20190424 and V4.1.2cu.5204_B20210112 contain a command-injection vulnerability in the Main function, allowing arbitrary commands via the QUERY_STRING parameter. Impact can be high: network-based, unauthenticated, with high confidentiality, integrity, ...

9.8CVSS10AI score0.16089EPSS
In wildExploits1References1Affected Software1
Rows per page
Query Builder