CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2022-48125
https://notcve.org/view.php?id=CVE-2022-48125
20 Jan 2023 — TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the password parameter in the setting/setOpenVpnCertGenerationCfg function. • https://github.com/Am1ngl/ttt/tree/main/13 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2022-48126
https://notcve.org/view.php?id=CVE-2022-48126
20 Jan 2023 — TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the username parameter in the setting/setOpenVpnCertGenerationCfg function. • https://github.com/Am1ngl/ttt/tree/main/12 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2022-47853
https://notcve.org/view.php?id=CVE-2022-47853
17 Jan 2023 — TOTOlink A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection Vulnerability in the httpd service. An attacker can obtain a stable root shell through a specially constructed payload. • https://github.com/Am1ngl/ttt/tree/main/16 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2022-46631
https://notcve.org/view.php?id=CVE-2022-46631
15 Dec 2022 — TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiSignalCfg function. Se descubrió que TOTOlink A7100RU V7.4cu.2313_B20191024 contiene una vulnerabilidad de inyección de comandos a través del parámetro wscDisabled en la función settings/setWiFiSignalCfg. • https://github.com/EPhaha/IOT_vuln/tree/main/TOTOLink/A7100RU/6 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2022-46634
https://notcve.org/view.php?id=CVE-2022-46634
15 Dec 2022 — TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function. Se descubrió que TOTOlink A7100RU V7.4cu.2313_B20191024 contiene una vulnerabilidad de inyección de comandos a través del parámetro wscDisabled en la función setting/setWiFiWpsCfg. • https://github.com/EPhaha/IOT_vuln/tree/main/TOTOLink/A7100RU/7 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2022-44843
https://notcve.org/view.php?id=CVE-2022-44843
25 Nov 2022 — TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the port parameter in the setting/setOpenVpnClientCfg function. Se descubrió que TOTOlink A7100RU V7.4cu.2313_B20191024 contiene una vulnerabilidad de inyección de comandos a través del parámetro de puerto en la función configuración/setOpenVpnClientCfg. • https://github.com/EPhaha/IOT_vuln/tree/main/TOTOLink/A7100RU/1 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 2%CPEs: 2EXPL: 1CVE-2022-44844
https://notcve.org/view.php?id=CVE-2022-44844
25 Nov 2022 — TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pass parameter in the setting/setOpenVpnCfg function. Se descubrió que TOTOlink A7100RU V7.4cu.2313_B20191024 contiene una vulnerabilidad de inyección de comando a través del parámetro pass en la función settings/setOpenVpnCfg. • https://github.com/EPhaha/IOT_vuln/tree/main/TOTOLink/A7100RU/2 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-28583
https://notcve.org/view.php?id=CVE-2022-28583
05 May 2022 — It is found that there is a command injection vulnerability in the setWiFiWpsCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload. Se ha detectado una vulnerabilidad de inyección de comandos en la interfaz setWiFiWpsCfg del router TOTOlink A7100RU (versión v7.4cu.2313_b20191024), que permite a un atacante ejecutar comandos arbitrarios mediante una carga útil cuidadosamente construida • https://github.com/EPhaha/IOT_vuln/tree/main/TOTOLink/A7100RU/7 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-28582
https://notcve.org/view.php?id=CVE-2022-28582
05 May 2022 — It is found that there is a command injection vulnerability in the setWiFiSignalCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload. Se ha detectado una vulnerabilidad de inyección de comandos en la interfaz setWiFiSignalCfg del router TOTOlink A7100RU (versión v7.4cu.2313_b20191024), que permite a un atacante ejecutar comandos arbitrarios mediante una carga útil cuidadosamente construida • https://github.com/EPhaha/IOT_vuln/tree/main/TOTOLink/A7100RU/6 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 1CVE-2022-28581
https://notcve.org/view.php?id=CVE-2022-28581
05 May 2022 — It is found that there is a command injection vulnerability in the setWiFiAdvancedCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload. Se ha detectado una vulnerabilidad de inyección de comandos en la interfaz setWiFiAdvancedCfg del router TOTOlink A7100RU (versión v7.4cu.2313_b20191024), que permite a un atacante ejecutar comandos arbitrarios mediante una carga útil cuidadosamente construida • https://github.com/EPhaha/IOT_vuln/tree/main/TOTOLink/A7100RU/9 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •