System command injection in fromNtp in TOTOLINK A3002RU version 1.0.8 allows malicious users to execute system commands via the "ntpServerIp2" POST parameter. Certain payloads cause the device to become permanently inoperable.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
totolink a3002ru_firmware 1.0.8 |