CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-42890

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function NTPSyncWithHost of the file system.so which can control hostTime to attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.033

EPSS Ranking 86.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_hosttime_rce.md
https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_hosttime_rce.md

Products affected by CVE-2021-42890

Totolink » Ex1200t » Version: N/A

cpe:2.3:h:totolink:ex1200t:-
Totolink » Ex1200t Firmware » Version: 4.1.2cu.5215

cpe:2.3:o:totolink:ex1200t_firmware:4.1.2cu.5215

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-42890

Products

Pricing

Contact Us