TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function setDeviceName of the file global.so which can control thedeviceName to attack.
References
Link | Resource |
---|---|
https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_devicename_rce.md | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2022-06-03 04:15
Updated : 2022-06-13 09:45
NVD link : CVE-2021-42884
Mitre link : CVE-2021-42884
JSON object : View
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Products Affected
totolink
- ex1200t
- ex1200t_firmware