Lucene search
MitreCVE-2023-46574HistoryOct 25, 2023 - 6:17 p.m.
CVE-2023-46574
2023-10-2518:17:39
CWE-77
mitre
web.nvd.nist.gov
51
totolink
a3700r
v9.1.2u.6165
security
vulnerability
cve-2023-46574
remote code execution
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.433
Percentile
97.4%
An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function.
Affected configurations
Node
totolinka3700r_firmwareMatch9.1.2u.6165_20211012
totolinka3700rMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| totolink | a3700r_firmware | 9.1.2u.6165_20211012 | cpe:2.3:o:totolink:a3700r_firmware:9.1.2u.6165_20211012:*:*:*:*:*:*:* |
| totolink | a3700r | - | cpe:2.3:h:totolink:a3700r:-:*:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2023-10-25 18:17:00
nuclei
nuclei
TOTOLINK A3700R - Command Injection
2023-12-25 00:56:03
vulnrichment
vulnrichment
CVE-2023-46574
2023-10-24 00:00:00
cvelist
cvelist
CVE-2023-46574
2023-10-24 00:00:00
nvd
nvd
CVE-2023-46574
2023-10-25 18:17:39
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.433
Percentile
97.4%
Related for CVE-2023-46574