CVSS: 9.8EPSS: 44%CPEs: 2EXPL: 1CVE-2022-44844
https://notcve.org/view.php?id=CVE-2022-44844
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the pass parameter in the setting/setOpenVpnCfg function. Se descubrió que TOTOlink A7100RU V7.4cu.2313_B20191024 contiene una vulnerabilidad de inyección de comando a través del parámetro pass en la función settings/setOpenVpnCfg. • https://github.com/EPhaha/IOT_vuln/tree/main/TOTOLink/A7100RU/2 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 44%CPEs: 2EXPL: 1CVE-2022-44843
https://notcve.org/view.php?id=CVE-2022-44843
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the port parameter in the setting/setOpenVpnClientCfg function. Se descubrió que TOTOlink A7100RU V7.4cu.2313_B20191024 contiene una vulnerabilidad de inyección de comandos a través del parámetro de puerto en la función configuración/setOpenVpnClientCfg. • https://github.com/EPhaha/IOT_vuln/tree/main/TOTOLink/A7100RU/1 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2022-28583
https://notcve.org/view.php?id=CVE-2022-28583
It is found that there is a command injection vulnerability in the setWiFiWpsCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload. Se ha detectado una vulnerabilidad de inyección de comandos en la interfaz setWiFiWpsCfg del router TOTOlink A7100RU (versión v7.4cu.2313_b20191024), que permite a un atacante ejecutar comandos arbitrarios mediante una carga útil cuidadosamente construida • https://github.com/EPhaha/IOT_vuln/tree/main/TOTOLink/A7100RU/7 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2022-28582
https://notcve.org/view.php?id=CVE-2022-28582
It is found that there is a command injection vulnerability in the setWiFiSignalCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload. Se ha detectado una vulnerabilidad de inyección de comandos en la interfaz setWiFiSignalCfg del router TOTOlink A7100RU (versión v7.4cu.2313_b20191024), que permite a un atacante ejecutar comandos arbitrarios mediante una carga útil cuidadosamente construida • https://github.com/EPhaha/IOT_vuln/tree/main/TOTOLink/A7100RU/6 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2022-28581
https://notcve.org/view.php?id=CVE-2022-28581
It is found that there is a command injection vulnerability in the setWiFiAdvancedCfg interface in TOTOlink A7100RU (v7.4cu.2313_b20191024) router, which allows an attacker to execute arbitrary commands through a carefully constructed payload. Se ha detectado una vulnerabilidad de inyección de comandos en la interfaz setWiFiAdvancedCfg del router TOTOlink A7100RU (versión v7.4cu.2313_b20191024), que permite a un atacante ejecutar comandos arbitrarios mediante una carga útil cuidadosamente construida • https://github.com/EPhaha/IOT_vuln/tree/main/TOTOLink/A7100RU/9 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •