TOTOLINK.Router.Cstecgi.Command.Injection
Description
This indicates an attack attempt to exploit a Command Injection Vulnerability in TOTOLINK routers.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application. An unauthenticated remote attacker may be able to exploit this to execute arbitrary commands within the context of the application.
Affected Products
Totolink N600R V4.3.0cu.7570_B20200620
Totolink A830R V5.9c.4729_B20191112
Totolink A3100R V4.1.2cu.5050_B20200504
Totolink A950RG V4.1.2cu.5161_B20200903
Totolink A800R V4.1.2cu.5137_B20200730
Totolink A3000RU V5.9c.5185_B20201128
Totolink A810R V4.1.2cu.5182_B20201026
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Currently we are not aware of any vendor supplied patch for this issue.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2024-03-19 | 27.751 | Name:Totolink. Router. Cstecgi. Command. Injection:TOTOLINK. Router. Cstecgi. Command. Injection |
2023-07-18 | 25.604 | Sig Added |
2023-07-18 | 25.603 | Sig Added |
2023-07-18 | 25.602 | Sig Added |
2022-12-06 | 22.452 | Sig Added |
2022-06-06 | 21.332 | Default_action:pass:drop |
2022-05-17 | 20.317 | Sig Added |
2022-05-10 | 20.313 |