The vulnerability of the setUploadUserData() function in the microprogramming software for TOTOLINK CA300-PoE allows a hacker to execute arbitrary commands.
The vulnerability of the setUploadUserData function in the TOTOLINK CA300-PoE router’s microprogramming software is related to the lack of measures taken at the control level during the processing of the FileName parameter. Exploiting this vulnerability allows an attacker operating remotely to...