CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-44247

Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_B20200911 were discovered to contain command injection vulnerability in the function setNoticeCfg. This vulnerability allows attackers to execute arbitrary commands via the IpFrom parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.271

EPSS Ranking 96.1%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2021-44247

Totolink » A3100r » Version: N/A

cpe:2.3:h:totolink:a3100r:-
Totolink » A720r » Version: N/A

cpe:2.3:h:totolink:a720r:-
Totolink » A830r » Version: N/A

cpe:2.3:h:totolink:a830r:-
Totolink » A3100r Firmware » Version: 4.1.2cu.5050_b20200504

cpe:2.3:o:totolink:a3100r_firmware:4.1.2cu.5050_b20200504
Totolink » A720r Firmware » Version: 4.1.5cu.470_b20200911

cpe:2.3:o:totolink:a720r_firmware:4.1.5cu.470_b20200911
Totolink » A830r Firmware » Version: 5.9c.4729_b20191112

cpe:2.3:o:totolink:a830r_firmware:5.9c.4729_b20191112

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-44247

Products

Pricing

Contact Us