| CVE-2020-25499 | Maximal damage | 8.8 |
| Easy to exploit |
| (other affected products) | Published: Wed Dec 9 21:15:00 2020 UTC. Last Modified: Wed Jul 21 11:39:00 2021 UTC |
CPE matches: cpe:2.3:o:totolink:n300rh-v3_firmware:*:*:*:*:*:*:*:* && versionEndExcluding=3.2.4-b20201029.1838
Description
TOTOLINK A3002RU-V2.0.0 B20190814.1034 allows authenticated remote users to modify the system's 'Run Command'. An attacker can use this functionality to execute arbitrary OS commands on the router.
Damage
- Complete loss of protection.
- Access to all information.
- Full Denial Of Service (DoS).
Attack conditions
- Remote attacking is possible through the network but requires the attacker to have regular user privileges.
- No user interaction is required.
- The attack is estimated to have a high success rate, once attempted.
Damage and attack conditions obtained from CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (CVSSv3)
Type of bug(s)
- CWE-78, Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'): The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.
- CWE-862, Missing Authorization: The software does not perform an authorization check when an actor attempts to access a resource or perform an action.