Vulnerability Details CVE-2022-37078
TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the lang parameter at /setting/setLanguageCfg.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 40.1%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2022-37078
-
cpe:2.3:h:totolink:a7000r:-
-
cpe:2.3:o:totolink:a7000r_firmware:9.1.0u.6115_b20201022