3 matches found
TOTOLINK Routers Command Injection (CVE-2022-26206; CVE-2022-26207; CVE-2022-26208; CVE-2022-26209; CVE-2022-26211; CVE-2022-26212; CVE-2022-26214; CVE-2022-27003; CVE-2022-27004; CVE-2022-27005; CVE-2022-28935)
A command injection vulnerability exists in TOTOLINK Routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2022-26211
CVE-2022-26211 affects TotoLink routers (A830R, A3100R, A950RG, A800R, A3000RU, A810R) across specific firmware versions. The root cause is a input handling flaw in the CloudACMunualUpdate function that fails to properly sanitize deviceMac and deviceName, enabling an attacker to perform command i...
CVE-2022-26211
Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function CloudACMunualUpdate, via the...