CVE-2021-44620: Command Injection
First published: Fri Mar 11 2022(Updated: )
A Command Injection vulnerability exits in TOTOLINK A3100R <=V4.1.2cu.5050_B20200504 in adm/ntm.asp via the hosTime parameters.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Totolink A3100r Firmware | <=4.1.2cu.5050_b20200504 | |
| TOTOLink A3100R |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-44620?
CVE-2021-44620 is a Command Injection vulnerability in TOTOLINK A3100R <=V4.1.2cu.5050_B20200504 in adm/ntm.asp.
How does CVE-2021-44620 affect TOTOLINK A3100R?
CVE-2021-44620 allows an attacker to execute arbitrary commands on TOTOLINK A3100R devices.
What is the severity of CVE-2021-44620?
CVE-2021-44620 has a severity rating of critical with a CVSS score of 9.8.
How can I fix CVE-2021-44620 on TOTOLINK A3100R?
To fix CVE-2021-44620, update the firmware of TOTOLINK A3100R to version 4.1.2cu.5050_B20200504 or later.
Where can I find more information about CVE-2021-44620?
You can find more information about CVE-2021-44620 at the following references: [http://a3100r.com](http://a3100r.com), [http://totolink.com](http://totolink.com), and [https://drive.google.com/file/d/1_9ru2GRZ13T1KQKXPq2E14-opgf9ih45/view?usp=sharing](https://drive.google.com/file/d/1_9ru2GRZ13T1KQKXPq2E14-opgf9ih45/view?usp=sharing).
- collector/nvd-index
- agent/weakness
- agent/event
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/totolink
- canonical/totolink a3100r firmware
- version/totolink a3100r firmware/4.1.2cu.5050_b20200504
- canonical/totolink a3100r