5 matches found
CVE-2022-25075
TOTOLink A3000RU V5.9c.2280B20180512 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...
TOTOLink A3000R Command Injection (CVE-2022-25075)
A command injection vulnerability exists in TOTOLink A3000R. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Beastmode DDoS Botnet Exploiting New TOTOLINK Bugs to Enslave More Routers
A variant of the Mirai botnet called Beastmode has been observed adopting newly disclosed vulnerabilities in TOTOLINK routers between February and March 2022 to infect unpatched devices and expand its reach potentially. "The Beastmode aka B3astmode Mirai-based DDoS campaign has aggressively updat...
CVE-2022-25075
creationtimestamp| type| source ---|---|--- 2022-02-24 18:21:32+00:00| seen| https://t.me/cibsecurity/38021 2022-04-04 16:37:00+00:00| seen| https://t.me/truesecator/2804 2022-04-14 15:17:01+00:00| exploited| https://t.me/NeKaspersky/2117 2022-07-13 13:02:16+00:00| seen|...
CVE-2022-25075
CVE-2022-25075 affects TOTOLink A3000RU (V5.9c.2280_B20180512). A command‑injection vulnerability in the "Main" function allows execution of arbitrary commands via the QUERY_STRING parameter. Multiple sources (NVD, CNVD, CVE lists, vendor advisories) corroborate the flaw and its impact, which is ...