CVE-2022-36460: OS Command Injection
First published: Thu Aug 25 2022(Updated: )
TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Totolink A3700r Firmware | =9.1.2u.6134_b20201202 | |
| TOTOLINK A3700R |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for TOTOLINK A3700R?
The vulnerability ID for TOTOLINK A3700R is CVE-2022-36460.
What is the severity of CVE-2022-36460?
The severity of CVE-2022-36460 is high with a CVSS score of 7.8.
How can the TOTOLINK A3700R be affected by this vulnerability?
TOTOLINK A3700R V9.1.2u.6134_B20201202 is affected by a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile.
How can I fix CVE-2022-36460 in TOTOLINK A3700R?
Currently, there is no known fix or patch for CVE-2022-36460. It is recommended to follow the vendor's security advisories for updates.
Where can I find more information about CVE-2022-36460?
You can find more information about CVE-2022-36460 at the following link: [CVE-2022-36460](https://github.com/Darry-lang1/vuln/blob/main/TOTOLINK/A3700R/4/readme.md).
- collector/nvd-api
- collector/nvd-index
- agent/references
- agent/event
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/totolink
- canonical/totolink a3700r firmware
- version/totolink a3700r firmware/9.1.2u.6134_b20201202
- canonical/totolink a3700r