Thursday, March 3, 2022

CVE-2022-25077

TOTOLink A3100R V4.1.2cu.5050_B20200504 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter. (CVSS:7.5) (Last Update:2022-03-03)
http://dlvr.it/SL2XR0

No comments:

Post a Comment

Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware

Microsoft has warned of a new wave of CACTUS ransomware attacks that leverage malvertising lures to deploy DanaBot as an initial access vect...