AI Score
Confidence
High
EPSS
Percentile
98.5%
SSVC
Exploitation
poc
Automatable
yes
Technical Impact
total
TOTOLINK A3300R 17.0.0cu.557_B20221024 contains a command injection via the file_name parameter in the UploadFirmwareFile function.
[
{
"cpes": [
"cpe:2.3:o:totolink:a3300r_firmware:17.0.0cu.557_b20221024:*:*:*:*:*:*:*"
],
"vendor": "totolink",
"product": "a3300r_firmware",
"versions": [
{
"status": "affected",
"version": "17.0.0cu.557_b20221024"
}
],
"defaultStatus": "unknown"
}
]