First published: Fri Feb 18 2022(Updated: )
A command injection vulnerability in the function meshSlaveUpdate of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Totolink T6 Firmware | =v4.1.5cu.748_b20211015 | |
TOTOLink T6 | ||
Totolink T10 Firmware | =v4.1.8cu.5207_b20210320 | |
TOTOLINK T10 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.