4 matches found
CVE-2022-25077
TOTOLink A3100R V4.1.2cu.5050B20200504 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...
TOTOLink A3100R Command Injection (CVE-2022-25077)
A command injection vulnerability exists in TOTOLink A3100R. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2022-25077
TOTOLink A3100R V4.1.2cu.5050B20200504 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...
CVE-2022-25077
Affected device and version: TOTOLink A3100R, version 4.1.2cu.5050_B20200504. Vulnerability type: command injection in the Main function, exploitable via the QUERY_STRING parameter. Root cause described as lack of input validation/filtering in Main. Impact (as stated): attacker could execute arbi...