OS Command Injection Vulnerability in Totolink A3100R V5.9c.4577

OS Command Injection Vulnerability in Totolink A3100R V5.9c.4577

CVE-2021-46007 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is executing the "ping" command, and the input field does not adequately filter special symbols. This can lead to command injection attacks.

Learn more about our Web Application Penetration Testing UK.