3 matches found
CVE-2022-36455
TOTOLink A3600R V4.1.2cu.5182B20201102 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi...
CVE-2022-36455
TOTOLink A3600R firmware 4.1.2cu.5182_B20201102 contains a command injection vulnerability in the /cstecgi.cgi endpoint where the username parameter is unsafely handled. The root cause is improper input handling in this API, enabling an attacker with local access to execute arbitrary commands wit...
CVE-2022-36455
TOTOLink A3600R V4.1.2cu.5182B20201102 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi...