TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the webwlanidx parameter in /setting/setWebWlanIdx.
References
Link | Resource |
---|---|
https://github.com/EPhaha/IOT_vuln/tree/main/TOTOLink/N600R/3 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2022-05-10 07:15
Updated : 2022-05-16 10:14
NVD link : CVE-2022-28909
Mitre link : CVE-2022-28909
JSON object : View
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Products Affected
totolink
- n600r_firmware
- n600r