CVE-2021-43663: Command Injection
First published: Wed Mar 30 2022(Updated: )
totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a command injection vulnerability via the component cloudupdate_check.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Totolink Ex300 V2 Firmware | =4.0.3c.140_b20210429 | |
| Totolink Ex300 V2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2021-43663.
What is the severity rating of CVE-2021-43663?
The severity rating of CVE-2021-43663 is high with a CVSS score of 7.5.
What is the affected software for CVE-2021-43663?
The affected software for CVE-2021-43663 is Totolink EX300_v2 firmware version 4.0.3c.140_B20210429.
How was the vulnerability discovered?
The vulnerability was discovered through the component cloudupdate_check in Totolink EX300_v2 firmware version 4.0.3c.140_B20210429.
Is Totolink Ex300 V2 firmware version 4.0.3c.140_B20210429 vulnerable?
Yes, Totolink Ex300 V2 firmware version 4.0.3c.140_B20210429 is vulnerable to the command injection vulnerability.
- collector/nvd-index
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/totolink
- canonical/totolink ex300 v2 firmware
- version/totolink ex300 v2 firmware/4.0.3c.140_b20210429
- canonical/totolink ex300 v2