Lucene search
MitreCVE-2022-47853HistoryJan 17, 2023 - 7:15 p.m.
CVE-2022-47853
2023-01-1719:15:11
CWE-78
mitre
web.nvd.nist.gov
28
totolink
a7100ru
v7.4cu.2313_b20191024
command injection
vulnerability
httpd service
cve-2022-47853
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.449
Percentile
97.5%
TOTOlink A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection Vulnerability in the httpd service. An attacker can obtain a stable root shell through a specially constructed payload.
Affected configurations
Node
totolinka7100ruMatch-
totolinka7100ru_firmwareMatch7.4cu.2313_b20191024
| Vendor | Product | Version | CPE |
|---|---|---|---|
| totolink | a7100ru | - | cpe:2.3:h:totolink:a7100ru:-:*:*:*:*:*:*:* |
| totolink | a7100ru_firmware | 7.4cu.2313_b20191024 | cpe:2.3:o:totolink:a7100ru_firmware:7.4cu.2313_b20191024:*:*:*:*:*:*:* |
References
Related
prion
prion
Command injection
2023-01-17 19:15:00
nvd
nvd
CVE-2022-47853
2023-01-17 19:15:11
cvelist
cvelist
CVE-2022-47853
2023-01-17 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.449
Percentile
97.5%
Related for CVE-2022-47853