Lucene search
MitreCVE-2022-38535HistorySep 15, 2022 - 6:15 p.m.
CVE-2022-38535
2022-09-1518:15:12
CWE-78
mitre
web.nvd.nist.gov
24
8
cve-2022-38535
totolink-720r
v4.1.5cu.374
rce
vulnerability
remote code execution
settraceroutecfg
nvd
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.003
Percentile
69.8%
TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setTracerouteCfg function.
Affected configurations
Node
totolinka720r_firmwareMatch4.1.5cu.374
totolinka720rMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| totolink | a720r_firmware | 4.1.5cu.374 | cpe:2.3:o:totolink:a720r_firmware:4.1.5cu.374:*:*:*:*:*:*:* |
| totolink | a720r | - | cpe:2.3:h:totolink:a720r:-:*:*:*:*:*:*:* |
Social References
More
Related
prion
prion
Remote code execution
2022-09-15 18:15:00
cvelist
cvelist
CVE-2022-38535
2022-09-15 17:58:20
nvd
nvd
CVE-2022-38535
2022-09-15 18:15:12
checkpoint_advisories
checkpoint_advisories
TOTOLink 720R Command Injection (CVE-2022-38534; CVE-2022-38535)
2022-11-13 00:00:00
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.003
Percentile
69.8%
Related for CVE-2022-38535