3 matches found
CVE-2022-36479
TOTOLINK N350RT V9.3.5u.6139B20201216 was discovered to contain a command injection vulnerability via the hosttime parameter in the function NTPSyncWithHost...
CVE-2022-36479
TOTOLINK N350RT v9.3.5u.6139_B20201216 is affected by a local command-injection in NTPSyncWithHost via the host_time parameter. Root cause: unvalidated host_time input enables arbitrary commands, impacting confidentiality, integrity, and availability (CVSS v3.1: 7.8). Exploitation could require l...
CVE-2022-36479
TOTOLINK N350RT V9.3.5u.6139B20201216 was discovered to contain a command injection vulnerability via the hosttime parameter in the function NTPSyncWithHost...