Lucene search
MitreVULNRICHMENT:CVE-2022-27005HistoryMar 15, 2022 - 9:56 p.m.
CVE-2022-27005
2022-03-1521:56:35
mitre
github.com
1
totolink routers
x5000r
a7000r
command injection
vulnerability
setwancfg function
hostname parameter
AI Score
8.6
Confidence
High
EPSS
0.01
Percentile
83.8%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the setWanCfg function via the hostName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
ADP Affected
[
{
"cpes": [
"cpe:2.3:o:totolink:x5000r_firmware:9.1.0u.6118_b20201102:*:*:*:*:*:*:*"
],
"vendor": "totolink",
"product": "x5000r_firmware",
"versions": [
{
"status": "affected",
"version": "9.1.0u.6118_b20201102"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:o:totolink:a7000r_firmware:9.1.0u.6115_b20201022:*:*:*:*:*:*:*"
],
"vendor": "totolink",
"product": "a7000r_firmware",
"versions": [
{
"status": "affected",
"version": "9.1.0u.6115_b20201022"
}
],
"defaultStatus": "unknown"
}
]Related
cnvd
cnvd
Totolink X5000R and TotoLink A7000R Command Injection Vulnerability
2022-03-16 00:00:00
cve
cve
CVE-2022-27005
2022-03-15 22:15:15
nvd
nvd
CVE-2022-27005
2022-03-15 22:15:15
prion
prion
Command injection
2022-03-15 22:15:00
cvelist
cvelist
CVE-2022-27005
2022-03-15 21:56:35
checkpoint_advisories
checkpoint_advisories
AI Score
8.6
Confidence
High
EPSS
0.01
Percentile
83.8%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2022-27005