### [CVE-2022-40475](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40475)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

TOTOLINK A860R V4.1.2cu.5182_B20201027 was discovered to contain a command injection via the component /cgi-bin/downloadFile.cgi.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/1759134370/iot