Описание
A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setNtpCfg of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument tz results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.
EPSS
Процентиль: 90%
0.04857
Низкий
7.3 High
CVSS3
7.5 High
CVSS2
Дефекты
CWE-77
Связанные уязвимости
CVSS3: 7.3
github
9 дней назад
A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setNtpCfg of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument tz results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.
EPSS
Процентиль: 90%
0.04857
Низкий
7.3 High
CVSS3
7.5 High
CVSS2
Дефекты
CWE-77