CVE-2023-46574

Critical

An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the…

mitre·CWE-77·Published 2023-10-24

CVSS

9.8

EPSS

0.65

KEV

Exploits

cve.orgen

164 chars

An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function.

NVDen

164 chars

An issue in TOTOLINK A3700R v.9.1.2u.6165_20211012 allows a remote attacker to execute arbitrary code via the FileName parameter of the UploadFirmwareFile function.

NVDes

175 chars

Un problema en TOTOLINK A3700R v.9.1.2u.6165_20211012 permite a un atacante remoto ejecutar código arbitrario a través del parámetro FileName de la función UploadFirmwareFile.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H