Vulnerability Details CVE-2023-37170
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain an unauthenticated remote code execution (RCE) vulnerability via the lang parameter in the setLanguageCfg function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 82.1%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2023-37170
-
cpe:2.3:h:totolink:a3300r:-
-
cpe:2.3:o:totolink:a3300r_firmware:17.0.0cu.557_b20221024