CVE Radar

CVE Radar Logo
CVERadar

Edition used by more than 30,000 companies in more than 150 countries.
Sign Up For Free

CVE-2022-27003

High Severity|Totolink
69
SVRS
9.8
CVSSv3
0.02932
EPSS
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the Tunnel 6rd function via the relay6rd parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
TAGSNo tags available
VECTOR STRING
CVSS:3.1AV:NAC:LPR:NUI:NS:UC:HI:HA:H
PUBLICATION DATE2022-03-15
LAST MODIFIED2024-09-12

Deep CVE Analysis in Progress

The system is currently conducting an in-depth analysis of the selected CVE. This includes advanced correlation, vulnerability classification, and cross-referencing with real-time threat intelligence sources. Once the analysis is complete, the page will automatically update with enriched vulnerability data and actionable insights.

No IOCs found for this CVE

TitleSoftware LinkDate
ARPSyndicate/cvemonhttps://github.com/ARPSyndicate/cvemon2021-04-13
SOCRadar Logo

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence

Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.

CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

No news found for this CVE

No tweets found for this CVE

Configuration 1
TypeVendorProduct
OSTotolinkx5000r_firmware
Configuration 2
TypeVendorProduct
OSTotolinka7000r_firmware
ReferenceLink
MISChttps://github.com/wudipjq/my_vuln/blob/main/totolink/vuln_32/32.md
MISChttps://github.com/wudipjq/my_vuln/blob/main/totolink/vuln_32/32.md
GITHUBhttps://github.com/wudipjq/my_vuln/blob/main/totolink/vuln_32/32.md
[email protected]https://github.com/wudipjq/my_vuln/blob/main/totolink/vuln_32/32.md
GITHUBhttps://github.com/wudipjq/my_vuln/blob/main/totolink/vuln_32/32.md
CWE IDCWE NameDescription
CWE-78Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.