CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-38308

TOTOLink A700RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the lang parameter in the function cstesystem. This vulnerability allows attackers to execute arbitrary commands via a crafted payload.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.349

EPSS Ranking 96.8%

CVSS Severity

CVSS v3 Score 9.8

References

https://github.com/WhoisZkuan/TOTOlink-A700RU
https://github.com/WhoisZkuan/TOTOlink-A700RU

Products affected by CVE-2022-38308

Totolink » A7000ru » Version: N/A

cpe:2.3:h:totolink:a7000ru:-
Totolink » A7000ru Firmware » Version: 7.4cu.2313_b20191024

cpe:2.3:o:totolink:a7000ru_firmware:7.4cu.2313_b20191024

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-38308

Products

Pricing

Contact Us