COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2021-46007

CVE-2021-46007

Severity
critical
Source
NVD · cve
Published
2022-03-30
CVSS
9.8
Reference
https://nvd.nist.gov/vuln/detail/CVE-2021-46007
⚡ RCE shame 50/100 rce

totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is executing the "ping" command, and the input field does not adequately filter special symbols. This can lead to command injection attacks.

Players implicated

totolink · vendorar3100r · productar3100r firmware · product

Description

totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is executing the "ping" command, and the input field does not adequately filter special symbols. This can lead to command injection attacks.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.