The vulnerability of the meshSlaveUpdate() function in the microprogramming software for TOTOLINK T8 allows a hacker to execute arbitrary commands.
The vulnerability of the meshSlaveUpdate function in the microprogramming software for TOTOLINK T8 lies in the lack of measures taken to clean data at the control level when processing the serverIp parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...