漏洞描述
TOTOLINK A3300R是中国吉翁电子(TOTOLINK)公司的一款无线路由器。 TOTOLINK A3300R V17.0.0cu.557_B20221024 版本存在安全漏洞,该漏洞源于 setWiFiScheduleCfg 方法的 enable 参数存在命令注入漏洞。
TOTOLINK A3300R 远程命令执行漏洞
PoC代码
暂无相关漏洞推荐
- POC CVE-2018-13317: TOTOLINK A3002RU 1.0.8 - Information Disclosure
- POC CVE-2019-19822: TOTOLINK/Realtek Routers - Information Disclosure
- POC CVE-2019-19823: TOTOLINK/Realtek Routers - Information Disclosure
- POC CVE-2019-19825: TOTOLINK/Realtek Routers - CAPTCHA Bypass
- POC CVE-2019-19824: TOTOLINK Realtek SD Routers - Remote Command Injection
- POC CVE-2021-42887: TOTOLINK EX1200T 4.1.2cu.5215 - Authentication Bypass
- POC CVE-2023-46574: TOTOLINK A3700R - Command Injection
- POC CVE-2024-34257: TOTOLINK EX1800T TOTOLINK EX1800T - Command Injection
- POC CVE-2024-51228: TOTOLINK CX-A3002RU - Remote Code Execution
- POC CVE-2024-7332: TOTOLINK CP450 v4.1.0cu.747_B20191224 - Hard-Coded Password Vulnerability
- POC CVE-2023-46574: TOTOLINK A3700R存在RCE漏洞
- POC CVE-2024-51228: TOTOLINK CX-A3002RU RCE
- POC totolink-installer: TOTOLINK Installer - Exposure