Описание
A vulnerability classified as critical has been found in TOTOLINK N150RT 3.4.0-B20190525. This affects an unknown part of the file /boa/formWSC. The manipulation of the argument targetAPSsid leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Ссылки
- ExploitThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Product
Уязвимые конфигурации
Одновременно
EPSS
4.7 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
Связанные уязвимости
A vulnerability classified as critical has been found in TOTOLINK N150RT 3.4.0-B20190525. This affects an unknown part of the file /boa/formWSC. The manipulation of the argument targetAPSsid leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Уязвимость встроенного веб-сервера boa (/boa/formWSC) микропрограммного обеспечения роутеров TOTOLINK N150RT, позволяющая нарушителю выполнить произвольные команды
EPSS
4.7 Medium
CVSS3
5.8 Medium
CVSS2