Vulnerability Details CVE-2022-28935
Totolink A830R V5.9c.4729_B20191112, Totolink A3100R V4.1.2cu.5050_B20200504, Totolink A950RG V4.1.2cu.5161_B20200903, Totolink A800R V4.1.2cu.5137_B20200730, Totolink A3000RU V5.9c.5185_B20201128, Totolink A810R V4.1.2cu.5182_B20201026 were discovered to contain a command injection vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.2%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.5
References
- https://drive.google.com/drive/folders/1JNX74lNgC3U9pnrcNlGo0hsDGZzF6h7F
- https://drive.google.com/drive/folders/1JNX74lNgC3U9pnrcNlGo0hsDGZzF6h7F?usp=sharing
- https://drive.google.com/drive/folders/1JNX74lNgC3U9pnrcNlGo0hsDGZzF6h7F
- https://drive.google.com/drive/folders/1JNX74lNgC3U9pnrcNlGo0hsDGZzF6h7F?usp=sharing
Products affected by CVE-2022-28935
-
cpe:2.3:h:totolink:a3000ru:-
-
cpe:2.3:h:totolink:a3100r:-
-
cpe:2.3:h:totolink:a800r:-
-
cpe:2.3:h:totolink:a810r:-
-
cpe:2.3:h:totolink:a830r:-
-
cpe:2.3:h:totolink:a950rg:-
-
cpe:2.3:o:totolink:a3000ru_firmware:5.9c.5185_b20201128
-
cpe:2.3:o:totolink:a3100r_firmware:4.1.2cu.5050_b20200504
-
cpe:2.3:o:totolink:a800r_firmware:4.1.2cu.5137_b20200730
-
cpe:2.3:o:totolink:a810r_firmware:4.1.2cu.5182_b20201026
-
cpe:2.3:o:totolink:a830r_firmware:5.9c.4729_b20191112
-
cpe:2.3:o:totolink:a950rg_firmware:4.1.2cu.5161_b20200903