CVE-2023-24276
https://notcve.org/view.php?id=CVE-2023-24276
TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the country parameter at setting/delStaticDhcpRules. • https://github.com/Am1ngl/ttt/tree/main/18 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2022-48123
https://notcve.org/view.php?id=CVE-2022-48123
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the servername parameter in the setting/delStaticDhcpRules function. • https://github.com/Am1ngl/ttt/tree/main/15 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2022-48126
https://notcve.org/view.php?id=CVE-2022-48126
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the username parameter in the setting/setOpenVpnCertGenerationCfg function. • https://github.com/Am1ngl/ttt/tree/main/12 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2022-48125
https://notcve.org/view.php?id=CVE-2022-48125
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the password parameter in the setting/setOpenVpnCertGenerationCfg function. • https://github.com/Am1ngl/ttt/tree/main/13 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2022-48121
https://notcve.org/view.php?id=CVE-2022-48121
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the rsabits parameter in the setting/delStaticDhcpRules function. • https://github.com/Am1ngl/ttt/tree/main/16 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •