exploitDog

GHSA-78g4-9xgp-8gg7

Опубликовано: 07 сент. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

In TOTOLINK A860R V4.1.2cu.5182_B20201027 in cstecgi.cgi, the acquired parameters are directly put into the system for execution without filtering, resulting in a command injection vulnerability.

In TOTOLINK A860R V4.1.2cu.5182_B20201027 in cstecgi.cgi, the acquired parameters are directly put into the system for execution without filtering, resulting in a command injection vulnerability.

Ссылки

EPSS

Процентиль: 73%

0.00783

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-77

Связанные уязвимости

CVE-2022-37843

CVSS3: 9.8

nvd

больше 3 лет назад

In TOTOLINK A860R V4.1.2cu.5182_B20201027 in cstecgi.cgi, the acquired parameters are directly put into the system for execution without filtering, resulting in a command injection vulnerability.

EPSS

Процентиль: 73%

0.00783

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-77