Vulnerability Details CVE-2015-9551
An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. There is Remote Code Execution in the management interface via the formSysCmd sysCmd parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.074
EPSS Ranking 91.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2015-9551
-
cpe:2.3:h:totolink:a850r-v1:-
-
cpe:2.3:h:totolink:f1-v2:-
-
cpe:2.3:h:totolink:f2-v1:-
-
cpe:2.3:h:totolink:n150rt-v2:-
-
cpe:2.3:h:totolink:n151rt-v2:-
-
cpe:2.3:h:totolink:n300rh-v2:-
-
cpe:2.3:h:totolink:n300rh-v3:-
-
cpe:2.3:h:totolink:n300rt-v2:-
-
cpe:2.3:o:totolink:a850r-v1_firmware:*
-
cpe:2.3:o:totolink:f1-v2_firmware:*
-
cpe:2.3:o:totolink:f2-v1_firmware:*
-
cpe:2.3:o:totolink:n150rt-v2_firmware:*
-
cpe:2.3:o:totolink:n151rt-v2_firmware:*
-
cpe:2.3:o:totolink:n300rh-v2_firmware:*
-
cpe:2.3:o:totolink:n300rh-v3_firmware:*
-
cpe:2.3:o:totolink:n300rt-v2_firmware:*