CVE-2022-48123: OS Command Injection
First published: Fri Jan 20 2023(Updated: )
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the servername parameter in the setting/delStaticDhcpRules function.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Totolink A7100ru Firmware | =7.4cu.2313_b20191024 | |
| TOTOlink A7100RU |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for TOTOlink A7100RU?
The vulnerability ID for TOTOlink A7100RU is CVE-2022-48123.
What is the severity of CVE-2022-48123?
The severity of CVE-2022-48123 is critical with a CVSS score of 9.8.
How does the vulnerability affect TOTOlink A7100RU firmware version 7.4cu.2313_b20191024?
The vulnerability affects TOTOlink A7100RU firmware version 7.4cu.2313_b20191024 via the servername parameter in the setting/delStaticDhcpRules function.
Is TOTOlink A7100RU firmware version 7.4cu.2313_b20191024 the only affected software?
No, TOTOlink A7100RU firmware version 7.4cu.2313_b20191024 is not the only affected software. TOTOlink A7100RU itself is also affected but not vulnerable.
How can I fix the command injection vulnerability in TOTOlink A7100RU firmware?
To fix the command injection vulnerability in TOTOlink A7100RU firmware, it is recommended to update to a patched version provided by the manufacturer.
- collector/nvd-index
- agent/type
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/severity
- agent/author
- agent/last-modified-date
- agent/event
- agent/tags
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- vendor/totolink
- canonical/totolink a7100ru firmware
- version/totolink a7100ru firmware/7.4cu.2313_b20191024
- canonical/totolink a7100ru