Wednesday, March 2, 2022

CVE-2022-25075

TOTOLink A3000RU V5.9c.2280_B20180512 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter. (CVSS:7.5) (Last Update:2022-03-02)
http://dlvr.it/SKysqf

No comments:

Post a Comment

GitLab Releases Urgent Security Patches for Critical Vulnerability

GitLab has shipped security patches to resolve a critical flaw that allows an attacker to run pipelines as another user. The issue, tracked ...