CVE-2022-37082: OS Command Injection
First published: Thu Aug 25 2022(Updated: )
TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the host_time parameter at the function NTPSyncWithHost.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Totolink A7000r Firmware | =9.1.0u.6115_b20201022 | |
| TOTOLINK A7000R |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2022-37082.
What is the severity of CVE-2022-37082?
The severity of CVE-2022-37082 is high with a CVSS score of 7.8.
What is the affected software version?
The affected software version is Totolink A7000R Firmware 9.1.0u.6115_b20201022.
What is the CWE ID for this vulnerability?
The CWE ID for this vulnerability is CWE-77 and CWE-78.
Is there any reference available for this vulnerability?
Yes, you can find the reference for this vulnerability at the following link: https://github.com/Darry-lang1/vuln/tree/main/TOTOLINK/A7000R/3
- collector/nvd-api
- collector/nvd-index
- agent/weakness
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- vendor/totolink
- canonical/totolink a7000r firmware
- version/totolink a7000r firmware/9.1.0u.6115_b20201022
- canonical/totolink a7000r