Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2022-25132

A command injection vulnerability in the function meshSlaveDlfw of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.035
EPSS Ranking 87.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Products affected by CVE-2022-25132
  • Totolink » T10 » Version: N/A
    cpe:2.3:h:totolink:t10:-
  • Totolink » T6 » Version: N/A
    cpe:2.3:h:totolink:t6:-
  • Totolink » T10 Firmware » Version: v4.1.8cu.5207_b20210320
    cpe:2.3:o:totolink:t10_firmware:v4.1.8cu.5207_b20210320
  • Totolink » T6 Firmware » Version: v4.1.5cu.748_b20211015
    cpe:2.3:o:totolink:t6_firmware:v4.1.5cu.748_b20211015


Products
Pricing
Contact Us

Shodan ® - All rights reserved