Описание
TOTOLink A700RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the lang parameter in the function cstesystem. This vulnerability allows attackers to execute arbitrary commands via a crafted payload.
Ссылки
- ExploitPatchThird Party Advisory
- ExploitPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:totolink:a7000ru_firmware:7.4cu.2313_b20191024:*:*:*:*:*:*:*
cpe:2.3:h:totolink:a7000ru:-:*:*:*:*:*:*:*
EPSS
Процентиль: 96%
0.2805
Средний
9.8 Critical
CVSS3
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
TOTOLink A700RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the lang parameter in the function cstesystem. This vulnerability allows attackers to execute arbitrary commands via a crafted payload.
EPSS
Процентиль: 96%
0.2805
Средний
9.8 Critical
CVSS3
Дефекты
CWE-78