Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:4 a.m.9 views

CVE-2022-25076

TOTOLink A800R V4.1.2cu.5137B20200730 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

9.8CVSS8.6AI score0.03189EPSS
Exploits1References1
Check Point Advisories
Check Point Advisories
added 2022/10/30 12:0 a.m.123 views

TOTOLink A860R Command Injection (CVE-2022-25076; CVE-2022-25078; CVE-2022-25079; CVE-2022-25080; CVE-2022-25081; CVE-2022-25082; CVE-2022-25083; CVE-2022-25084)

A command injection vulnerability exists in TOTOLink A860R. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS5.3AI score0.24845EPSS
Exploits8
ATTACKERKB
ATTACKERKB
added 2022/02/24 3:15 p.m.78 views

CVE-2022-25076

TOTOLink A800R V4.1.2cu.5137B20200730 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

9.8CVSS7.6AI score0.03189EPSS
In wildExploits1References2
Cvelist
Cvelist
added 2022/02/22 10:44 p.m.29 views

CVE-2022-25076

TOTOLink A800R V4.1.2cu.5137B20200730 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

10AI score0.03189EPSS
Exploits1References1
CVE
CVE
added 2022/02/22 10:44 p.m.233 views

CVE-2022-25076

CVE-2022-25076 affects TOTOLink A800R firmware 4.1.2cu.5137_B20200730. The root cause is lack of input sanitization in the Main function, enabling command injection via the QUERY_STRING parameter. Impact is high/critical with potential remote command execution (network access, no auth, no user in...

9.8CVSS9.9AI score0.03189EPSS
In wildExploits1References1Affected Software1
Rows per page
Query Builder