7 matches found
TOTOLINK A3700R - Command Injection
An issue in TOTOLINK A3700R v.9.1.2u.616520211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function. id: CVE-2023-46574 info: name: TOTOLINK A3700R - Command Injection author: DhiyaneshDk severity: critical description: | An issue in...
CVE-2023-46574
An issue in TOTOLINK A3700R v.9.1.2u.616520211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function...
CVE-2023-46574
creationtimestamp| type| source ---|---|--- 2023-10-25 22:49:23+00:00| seen| https://t.me/cibsecurity/72876 2023-12-28 01:09:47+00:00| seen| https://t.me/arpsyndicate/2171 2023-12-28 04:58:15+00:00| seen| https://t.me/arpsyndicate/2193 2025-01-31 00:00:00+00:00| exploited| The Shadowserver...
CVE-2023-46574
An issue in TOTOLINK A3700R v.9.1.2u.616520211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function...
CVE-2023-46574
An issue in TOTOLINK A3700R v.9.1.2u.616520211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function...
CVE-2023-46574
The vulnerability CVE-2023-46574 affects TOTOLINK A3700R (v9.1.2u.6165_20211012). Affected component: UploadFirmwareFile function; root cause: lack of input sanitization in the FileName parameter, enabling remote code execution by an unauthenticated attacker. Impact: remote execution leading to f...
CVE-2023-46574
An issue in TOTOLINK A3700R v.9.1.2u.616520211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function...