3 matches found
CVE-2022-28907
TOTOLink N600R V5.3c.7159B20190425 was discovered to contain a command injection vulnerability via the hosttime function in /setting/NTPSyncWithHost...
TOTOLINK N600R Router Command Injection (CVE-2022-26186; CVE-2022-26188; CVE-2022-26189; CVE-2022-27411; CVE-2022-28905; CVE-2022-28906; CVE-2022-28907; CVE-2022-28908; CVE-2022-28909; CVE-2022-28910; CVE-2022-28911; CVE-2022-28912; CVE-2022-28913)
A command injection vulnerability exists in TOTOLINK N600R router. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2022-28907
TOTOLink N600R (firmware ~5.3c.7159_B20190425) is affected by a command injection vulnerability in the hosttime function exposed via /setting/NTPSyncWithHost. The issue allows an attacker to inject and execute arbitrary commands on the device. Public sources do not provide an official patch detai...