Описание
A vulnerability was detected in Totolink A7000R 4.1cu.4154. This affects the function setUnloadUserData of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument plugin_name results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used.
Ссылки
EPSS
6.3 Medium
CVSS3
6.5 Medium
CVSS2
Дефекты
Связанные уязвимости
A vulnerability was detected in Totolink A7000R 4.1cu.4154. This affects the function setUnloadUserData of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument plugin_name results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used.
Уязвимость функции setUnloadUserData() сценария /cgi-bin/cstecgi.cgi микропрограммного обеспечения роутеров TOTOLINK A7000R, позволяющая нарушителю выполнить произвольные команды
EPSS
6.3 Medium
CVSS3
6.5 Medium
CVSS2