Totolink A830R V5.9c.4729_B20191112, Totolink A3100R V4.1.2cu.5050_B20200504, Totolink A950RG V4.1.2cu.5161_B20200903, Totolink A800R V4.1.2cu.5137_B20200730, Totolink A3000RU V5.9c.5185_B20201128, Totolink A810R V4.1.2cu.5182_B20201026 were discovered to contain a command injection vulnerability.
References
Link | Resource |
---|---|
https://drive.google.com/drive/folders/1JNX74lNgC3U9pnrcNlGo0hsDGZzF6h7F | Exploit Third Party Advisory |
https://drive.google.com/drive/folders/1JNX74lNgC3U9pnrcNlGo0hsDGZzF6h7F?usp=sharing | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
History
14 Jul 2022, 01:36
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:h:totolink:a810r:-:*:*:*:*:*:*:* cpe:2.3:h:totolink:a950rg:-:*:*:*:*:*:*:* cpe:2.3:o:totolink:a3100r_firmware:4.1.2cu.5050_b20200504:*:*:*:*:*:*:* cpe:2.3:o:totolink:a3000ru_firmware:5.9c.5185_b20201128:*:*:*:*:*:*:* cpe:2.3:h:totolink:a830r:-:*:*:*:*:*:*:* cpe:2.3:o:totolink:a800r_firmware:4.1.2cu.5137_b20200730:*:*:*:*:*:*:* cpe:2.3:h:totolink:a3100r:-:*:*:*:*:*:*:* cpe:2.3:h:totolink:a3000ru:-:*:*:*:*:*:*:* cpe:2.3:o:totolink:a830r_firmware:5.9c.4729_b20191112:*:*:*:*:*:*:* cpe:2.3:o:totolink:a810r_firmware:4.1.2cu.5182_b20201026:*:*:*:*:*:*:* cpe:2.3:o:totolink:a950rg_firmware:4.1.2cu.5161_b20200903:*:*:*:*:*:*:* cpe:2.3:h:totolink:a800r:-:*:*:*:*:*:*:* |
|
References | (MISC) https://drive.google.com/drive/folders/1JNX74lNgC3U9pnrcNlGo0hsDGZzF6h7F?usp=sharing - Exploit, Third Party Advisory | |
References | (MISC) https://drive.google.com/drive/folders/1JNX74lNgC3U9pnrcNlGo0hsDGZzF6h7F - Exploit, Third Party Advisory | |
CWE | CWE-77 | |
First Time |
Totolink a830r
Totolink a800r Firmware Totolink a950rg Firmware Totolink a810r Firmware Totolink a800r Totolink a830r Firmware Totolink a3000ru Firmware Totolink a3100r Totolink a950rg Totolink a3000ru Totolink a810r Totolink Totolink a3100r Firmware |
|
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 7.2 |
06 Jul 2022, 13:50
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-07-06 13:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-28935
Mitre link : CVE-2022-28935
CVE.ORG link : CVE-2022-28935
JSON object : View
Products Affected
totolink
- a830r
- a3100r_firmware
- a950rg_firmware
- a950rg
- a800r_firmware
- a810r_firmware
- a3100r
- a3000ru_firmware
- a3000ru
- a810r
- a830r_firmware
- a800r
CWE
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')