CVE-2022-47853: OS Command Injection
First published: Tue Jan 17 2023(Updated: )
TOTOlink A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection Vulnerability in the httpd service. An attacker can obtain a stable root shell through a specially constructed payload.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Totolink A7100ru Firmware | =7.4cu.2313_b20191024 | |
| TOTOlink A7100RU |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-47853?
The severity of CVE-2022-47853 is critical with a CVSS score of 9.8.
How does the Command Injection vulnerability in TOTOlink A7100RU V7.4cu.2313_B20191024 work?
The Command Injection vulnerability in TOTOlink A7100RU V7.4cu.2313_B20191024 allows an attacker to execute arbitrary commands through the httpd service.
What can an attacker do with the Command Injection vulnerability in TOTOlink A7100RU V7.4cu.2313_B20191024?
An attacker can obtain a stable root shell through a specially constructed payload.
Is TOTOlink A7100RU V7.4cu.2313_B20191024 the only affected software?
No, Totolink A7100ru Firmware version 7.4cu.2313_b20191024 is also affected.
Are there any known references or resources related to CVE-2022-47853?
Yes, you can find more information about this vulnerability at the following link: https://github.com/Am1ngl/ttt/tree/main/16
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- vendor/totolink
- canonical/totolink a7100ru firmware
- version/totolink a7100ru firmware/7.4cu.2313_b20191024
- canonical/totolink a7100ru