CWE-77

CVE-2022-37070

February 23, 2023 by godfreyd94

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList.

CVE-2022-37076

February 23, 2023 by godfreyd94

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile.

CVE-2022-37078

February 23, 2023 by godfreyd94

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the lang parameter at /setting/setLanguageCfg.

CVE-2022-37079

February 23, 2023 by godfreyd94

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg.

CVE-2022-37081

February 23, 2023 by godfreyd94

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the command parameter at setting/setTracerouteCfg.

CVE-2022-37082

February 23, 2023 by godfreyd94

TOTOLINK A7000R V9.1.0u.6115_B20201022 was discovered to contain a command injection vulnerability via the host_time parameter at the function NTPSyncWithHost.