mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
753 B
753 B
CVE-2018-13314
Description
System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "ipAddr" POST parameter.
POC
Reference
- https://blog.securityevaluators.com/new-vulnerabilities-in-totolink-a3002ru-d6f42a081154
- https://blog.securityevaluators.com/new-vulnerabilities-in-totolink-a3002ru-d6f42a081154
Github
No PoCs found on GitHub currently.