CVE-2022-41518
TOTOLINK NR1800X firmware 9.1.0u.6279_B20210910 is affected by CVE-2022-41518 due to a command injection in the UploadFirmwareFile function at /cgi-bin/cstecgi.cgi. The issue originates from inadequate input filtering of the FileName parameter, enabling arbitrary command execution. CVSS 3.1 base ...