exploitDog

GHSA-4h2c-7x4j-46xr

Опубликовано: 15 сент. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

TOTOLink A700RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the lang parameter in the function cstesystem. This vulnerability allows attackers to execute arbitrary commands via a crafted payload.

TOTOLink A700RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the lang parameter in the function cstesystem. This vulnerability allows attackers to execute arbitrary commands via a crafted payload.

Ссылки

EPSS

Процентиль: 96%

0.2805

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-77

Связанные уязвимости

CVE-2022-38308

CVSS3: 9.8

nvd

больше 3 лет назад

TOTOLink A700RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the lang parameter in the function cstesystem. This vulnerability allows attackers to execute arbitrary commands via a crafted payload.

EPSS

Процентиль: 96%

0.2805

Средний

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-77