CVE-2021-43663

Severity

7.5HIGH

EPSS

0.8%

top 25.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedMar 31

Latest updateApr 1

Description

totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a command injection vulnerability via the component cloudupdate_check.

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

GHSA

GHSA-xqww-qhcc-x39q: totolink EX300_v2 V4↗2022-04-01

▶

CVEList

CVE-2021-43663: totolink EX300_v2 V4↗2022-03-30

▶