CVEbuzz logo
This website displays data collected from external sources, and is not responsible for any aspect of it. Read more...

Security / vulnerability advisories for TOTOLINK N300RH-V3 FIRMWARE 3.0.0-B20150331.0858

Titles listed in dictionary

CPE for product: cpe:2.3:o:totolink:n300rh-v3_firmware:3.0.0-b20150331.0858:*:*:*:*:*:*:*

Showing 1-1 of 1
Maximal damage 8.8
Easy to exploit
(other affected products) Published: Wed Dec 9 21:15:00 2020 UTC. Last Modified: Wed Jul 21 11:39:00 2021 UTC
CPE matches: cpe:2.3:o:totolink:n300rh-v3_firmware:*:*:*:*:*:*:*:* && versionEndExcluding=3.2.4-b20201029.1838

Description

TOTOLINK A3002RU-V2.0.0 B20190814.1034 allows authenticated remote users to modify the system's 'Run Command'. An attacker can use this functionality to execute arbitrary OS commands on the router.

Damage

Attack conditions

Damage and attack conditions obtained from CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (CVSSv3)

Type of bug(s)

References