mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
751 B
751 B
CVE-2018-13306
Description
System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ftpUser" POST parameter.
POC
Reference
- https://blog.securityevaluators.com/new-vulnerabilities-in-totolink-a3002ru-d6f42a081154
- https://blog.securityevaluators.com/new-vulnerabilities-in-totolink-a3002ru-d6f42a081154
Github
No PoCs found on GitHub currently.