Описание
totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is executing the "ping" command, and the input field does not adequately filter special symbols. This can lead to command injection attacks.
Ссылки
- Broken Link
- Vendor Advisory
- ExploitThird Party Advisory
- Broken Link
- Vendor Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:totolink:ar3100r_firmware:5.9c.4577:*:*:*:*:*:*:*
cpe:2.3:h:totolink:ar3100r:-:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.09409
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 9.8
github
почти 4 года назад
totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is executing the "ping" command, and the input field does not adequately filter special symbols. This can lead to command injection attacks.
EPSS
Процентиль: 93%
0.09409
Низкий
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-78