Описание
A vulnerability was determined in Totolink WA300 5.2cu.7112_B20190227. Affected by this issue is the function recvUpgradeNewFw of the file /cgi-bin/cstecgi.cgi. This manipulation causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
Ссылки
- ExploitIssue Tracking
- Exploit
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Product
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:totolink:wa300_firmware:5.2cu.7112_b20190227:*:*:*:*:*:*:*
cpe:2.3:h:totolink:wa300:-:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.02641
Низкий
7.3 High
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-77
CWE-78
Связанные уязвимости
CVSS3: 7.3
github
20 дней назад
A vulnerability was determined in Totolink WA300 5.2cu.7112_B20190227. Affected by this issue is the function recvUpgradeNewFw of the file /cgi-bin/cstecgi.cgi. This manipulation causes os command injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
EPSS
Процентиль: 86%
0.02641
Низкий
7.3 High
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-77
CWE-78