CVE-2022-28582

Name of the Vulnerable Software and Affected Versions TOTOlink A7100RU version 7.4cu.2313 b20191024

Description A command injection issue is found in the setWiFiSignalCfg interface of the TOTOlink A7100RU router, allowing an attacker to execute arbitrary commands through a carefully constructed payload.

Recommendations For version 7.4cu.2313 b20191024, as a temporary workaround, consider disabling the setWiFiSignalCfg interface until a patch is available. Restrict access to this interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.