CVE-2022-38826

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions TOTOLINK T6 version 4.1.5cu.709 B20210518

Description The issue allows for the execution of arbitrary commands in the cstecgi.cgi file.

Recommendations For TOTOLINK T6 version 4.1.5cu.709 B20210518, consider disabling access to the cstecgi.cgi file as a temporary workaround until a patch is available.

Exploit

Fix

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2022-38826

Affected Products

Totolink T6

CVE-2022-38826

Weakness Enumeration

Related Identifiers

Affected Products

References · 5