2 matches found
CVE-2018-13306
CVE-2018-13306 corresponds to a command injection vulnerability in TOTOLINK A3002RU (firmware version 1.0.8) exploitable via the ftpUser POST parameter in the formDlna component. Multiple sources (NVD, CVE List, CNVD) confirm that an attacker can cause system command execution, with the NVD CVSS ...
CVE-2018-13306
System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ftpUser" POST parameter...