This issue could be exploited by injecting malicious code into the hostName parameter of setOpModeCfg. A remote attacker could exploit this issue to execute arbitrary code on the targeted device. This issue was reported to Digi.

CVE-2018-2192: A critical remote code execution vulnerability has been discovered in TOTOLINK A7000R V9.1.0u.6115_B20201022. An attacker could exploit this vulnerability by sending a specially crafted packet to the affected device. This could be done by sending a maliciously crafted email message to the targeted user, an unauthenticated HTTP request to the targeted device, or by creating a maliciously crafted HTTP response. A remote attacker could exploit this vulnerability to execute arbitrary code on the targeted device. This issue was reported to Digi.

Vulnerability Scenario

An attacker could exploit this vulnerability by sending a maliciously crafted HTTP response to the targeted device. For example, an attacker could craft a message in HTML that contains code from the HTTP response header that would cause it to be accepted as valid and not rejected when it is processed. This would allow a remote attacker to send a maliciously crafted packet to the targeted device and execute arbitrary code.

Vulnerable SFP Ethernet and IP Devices

The vulnerability could be exploited by sending a maliciously crafted packet to the affected device. It was reported to Digi, which is working with its partners on a fix.

Timeline

Published on: 08/25/2022 15:15:00 UTC
Last modified on: 08/26/2022 17:13:00 UTC
