2 matches found
CVE-2023-46976
TOTOLINK A3300R 17.0.0cu.557B20221024 contains a command injection via the filename parameter in the UploadFirmwareFile function...
CVE-2023-46976
CVE-2023-46976 affects TOTOLINK A3300R (version 17.0.0cu.557_B20221024). The vulnerability is a command injection in the UploadFirmwareFile function triggered via the file_name parameter, allowing arbitrary command execution with network access and no user interaction. The NVD entry lists a base ...