Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. This occurs because the function executes glibc's system function with untrusted input. In the function, "command" parameter is directly passed to the attacker, allowing them to control the "command" field to attack the OS.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TotoLink X5000R 操作系统命令注入漏洞
Vulnerability Description
TotoLink X5000R是中国吉翁电子(TotoLink)公司的一个路由器。 TotoLink X5000R router with firmware v9.1.0u.6118_B20201102 中的Command Injection 存在安全漏洞,攻击者可利用该漏洞控制“command”字段攻击操作系统。
CVSS Information
N/A
Vulnerability Type
N/A