A Command Injection vulnerability exits in TOTOLINK A3100R <=V4.1.2cu.5050_B20200504 in adm/ntm.asp via the hosTime parameters.
References
Link | Resource |
---|---|
http://a3100r.com | Broken Link |
http://totolink.com | Vendor Advisory |
https://drive.google.com/file/d/1_9ru2GRZ13T1KQKXPq2E14-opgf9ih45/view?usp=sharing | Broken Link |
https://www.totolink.net/home/menu/newstpl/menu_newstpl/products/id/170.html | Product Vendor Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2022-03-11 08:15
Updated : 2022-03-18 08:22
NVD link : CVE-2021-44620
Mitre link : CVE-2021-44620
JSON object : View
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Products Affected
totolink
- a3100r
- a3100r_firmware