CVE-2022-48125
https://notcve.org/view.php?id=CVE-2022-48125
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the password parameter in the setting/setOpenVpnCertGenerationCfg function. • https://github.com/Am1ngl/ttt/tree/main/13 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2022-48121
https://notcve.org/view.php?id=CVE-2022-48121
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the rsabits parameter in the setting/delStaticDhcpRules function. • https://github.com/Am1ngl/ttt/tree/main/16 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2022-48124
https://notcve.org/view.php?id=CVE-2022-48124
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the FileName parameter in the setting/setOpenVpnCertGenerationCfg function. • https://github.com/Am1ngl/ttt/tree/main/14 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2022-48122
https://notcve.org/view.php?id=CVE-2022-48122
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the dayvalid parameter in the setting/delStaticDhcpRules function. • https://github.com/Am1ngl/ttt/tree/main/17 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2022-47853
https://notcve.org/view.php?id=CVE-2022-47853
TOTOlink A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection Vulnerability in the httpd service. An attacker can obtain a stable root shell through a specially constructed payload. • https://github.com/Am1ngl/ttt/tree/main/16 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •