CVE-2022-36456: TOTOLink A720R V4.1.5cu.532_B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi.

high7.8CVSS 3.1

AVLACLPRLUINSUCHIHAH

TOTOLink A720R V4.1.5cu.532_B20210610 was discovered to contain a command injection vulnerability via the username parameter in /cstecgi.cgi.

1 ranges

Vendor	Product	Version range	Fixed in
totolink	a720r_firmware	—	—