Описание
A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557_B20221024. The impacted element is the function vsetTr069Cfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument stun_pass leads to os command injection. The exploit has been disclosed publicly and may be used.
EPSS
Процентиль: 81%
0.01426
Низкий
5.5 Medium
CVSS3
5.2 Medium
CVSS2
Дефекты
CWE-77
Связанные уязвимости
CVSS3: 5.5
github
9 дней назад
A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557_B20221024. The impacted element is the function vsetTr069Cfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument stun_pass leads to os command injection. The exploit has been disclosed publicly and may be used.
EPSS
Процентиль: 81%
0.01426
Низкий
5.5 Medium
CVSS3
5.2 Medium
CVSS2
Дефекты
CWE-77