CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-37149

TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection vulnerability via the FileName parameter in the setUploadSetting function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 80.2%

CVSS Severity

CVSS v3 Score 9.8

References

https://github.com/DaDong-G/Vulnerability_info/blob/main/TOTOLINK/lr350/4/README.md
https://github.com/DaDong-G/Vulnerability_info/blob/main/TOTOLINK/lr350/4/README.md

Products affected by CVE-2023-37149

Totolink » Lr350 » Version: N/A

cpe:2.3:h:totolink:lr350:-
Totolink » Lr350 Firmware » Version: 9.3.5u.6369_b20220309

cpe:2.3:o:totolink:lr350_firmware:9.3.5u.6369_b20220309

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-37149

Products

Pricing

Contact Us