Vulnerability Details CVE-2023-37170
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain an unauthenticated remote code execution (RCE) vulnerability via the lang parameter in the setLanguageCfg function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.033
EPSS Ranking 86.6%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2023-37170
-
cpe:2.3:h:totolink:a3300r:-
-
cpe:2.3:o:totolink:a3300r_firmware:17.0.0cu.557_b20221024