2 matches found
TOTOLINK Routers Command Injection (CVE-2022-26206; CVE-2022-26207; CVE-2022-26208; CVE-2022-26209; CVE-2022-26211; CVE-2022-26212; CVE-2022-26214; CVE-2022-27003; CVE-2022-27004; CVE-2022-27005; CVE-2022-28935)
A command injection vulnerability exists in TOTOLINK Routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2022-26209
CVE-2022-26209 affects Totolink A830R, A3100R, A950RG, A800R, A3000RU, and A810R devices. A command injection exists in the setUploadSetting function via the FileName parameter, enabling arbitrary command execution by crafted requests. Connected advisories corroborate a router-wide vulnerability ...