PT-2022-19319 · Totolink · Totolink A3100R+5

Published

2022-07-06

Updated

2022-07-14

CVE-2022-28935

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Totolink A830R version 5.9c.4729 B20191112 Totolink A3100R version 4.1.2cu.5050 B20200504 Totolink A950RG version 4.1.2cu.5161 B20200903 Totolink A800R version 4.1.2cu.5137 B20200730 Totolink A3000RU version 5.9c.5185 B20201128 Totolink A810R version 4.1.2cu.5182 B20201026

Description The issue is related to a command injection vulnerability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

CVE-2022-28935

Affected Products

Totolink A3000Ru

Totolink A3100R

Totolink A800R

Totolink A810R

Totolink A830R

Totolink A950Rg

PT-2022-19319 · Totolink · Totolink A3100R+5

CVE-2022-28935

Weakness Enumeration

Related Identifiers

Affected Products

References · 5