Vulnerability Details CVE-2021-45742
TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.209
EPSS Ranking 95.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
References
Products affected by CVE-2021-45742
-
cpe:2.3:h:totolink:a720r:-
-
cpe:2.3:o:totolink:a720r_firmware:4.1.5cu.470_b20200911