CVE-2022-28910: OS Command Injection
First published: Tue May 10 2022(Updated: )
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the devicename parameter in /setting/setDeviceName.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Totolink N600r Firmware | =5.3c.7159_b20190425 | |
| TOTOLINK N600R |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for TOTOLink N600R?
The vulnerability ID for TOTOLink N600R is CVE-2022-28910.
What is the severity of CVE-2022-28910?
The severity of CVE-2022-28910 is critical with a score of 9.8.
How does CVE-2022-28910 affect TOTOLink N600R?
CVE-2022-28910 affects TOTOLink N600R firmware version 5.3c.7159_b20190425.
How can I fix CVE-2022-28910 in TOTOLink N600R?
To fix CVE-2022-28910 in TOTOLink N600R, update the firmware to a version that has patched the vulnerability.
What is the CWE ID for CVE-2022-28910?
The CWE ID for CVE-2022-28910 is CWE-77 and CWE-78.
- collector/nvd-api
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/totolink
- canonical/totolink n600r firmware
- version/totolink n600r firmware/5.3c.7159_b20190425
- canonical/totolink n600r