CVE-2015-9551
published 2020-11-24CVE-2015-9551: An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. There is Remote Code Execution in the…
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. There is Remote Code Execution in the management interface via the formSysCmd sysCmd parameter.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| totolink | a850r-v1_firmware | < 1.0.1-b20150707.1612 | 1.0.1-b20150707.1612 |
| totolink | f1-v2_firmware | < 2.1.1-b20150708.1646 | 2.1.1-b20150708.1646 |
| totolink | f2-v1_firmware | < 2.1.0-b20150320.1611 | 2.1.0-b20150320.1611 |
| totolink | n150rt-v2_firmware | < 2.1.1-b20150708.1548 | 2.1.1-b20150708.1548 |
| totolink | n151rt-v2_firmware | < 1.1-b20150708.1559 | 1.1-b20150708.1559 |
| totolink | n300rh-v2_firmware | < 2.0.1-b20150708.1625 | 2.0.1-b20150708.1625 |
| totolink | n300rh-v3_firmware | < 3.0.0-b20150331.0858 | 3.0.0-b20150331.0858 |
| totolink | n300rt-v2_firmware | < 2.1.1-b20150708.1613 | 2.1.1-b20150708.1613 |