N/A

Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu.5161_B20200903, A800R V4.1.2cu.5137_B20200730, A3000RU V5.9c.5185_B20201128, and A810R V4.1.2cu.5182_B20201026 were discovered to contain a command injection vulnerability in the function setUploadSetting, via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.

N/A

N/A

多款TotoLink产品操作系统命令注入漏洞

TOTOLINK A3100R等都是中国吉翁电子（TOTOLINK）公司的产品。TOTOLINK A3100R是一系列无线路由器。TOTOLINK A950RG是一款超世代 Giga 无线路由器。TOTOLINK A830R是一款无线双频路由器。 TotoLink 的 A830R 5.9c.4729_B20191112版本、A3100R 4.1.2cu.5050_B20200504版本、A950RG 4.1.2cu.5161_B20200903版本、A800R 4.1.2cu.5137_B20200730

N/A

N/A