CVE-2022-44249

Description

TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the FileName parameter in the UploadFirmwareFile function.

Related CPE's

References

https://brief-nymphea-813.notion.site/LR350-command-injection-UploadFirmwareFile-f006f70e9e6540529d262a8d34154d24

CvssV3 impact

CvssV2 impact