Vulnerability Details CVE-2022-36455
TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.7%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2022-36455
-
cpe:2.3:h:totolink:a3600r:-
-
cpe:2.3:o:totolink:a3600r_firmware:4.1.2cu.5182_b20201102