Cp900 Firmware@6.3c.566 b20171026 Security Vulnerabilities and Issues — Cp900 Firmware@6.3c.566 b20171026 CVE List

Lucene search

TotolinkCp900 Firmware6.3c.566 b20171026

5 matches found

CVE•added 2023/03/24 2:15 p.m.•49 views

CVE-2022-28495

TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

9.8CVSS9.8AI score0.00619EPSS

CVE•added 2023/03/23 4:15 p.m.•49 views

CVE-2022-28497

TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection vulnerability in the mtd_write_bootloader function via the filename parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

9.8CVSS9.8AI score0.00177EPSS

CVE•added 2023/03/23 3:15 p.m.•47 views

CVE-2022-28491

TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 contains a command injection vulnerability in the NTPSyncWithHost function via the host_name parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

9.8CVSS9.6AI score0.00619EPSS

CVE•added 2023/03/23 5:15 p.m.•44 views

CVE-2022-28496

TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 discovered to contain a command injection vulnerability in the setPasswordCfg function via the adminuser and adminpassparameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

9.8CVSS9.8AI score0.00212EPSS

CVE•added 2023/03/23 1:15 a.m.•43 views

CVE-2022-28494

TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection vulnerability in the setUpgradeFW function via the filename parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

9.8CVSS9.8AI score0.00619EPSS