CVE-2022-41525: TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection vulnerability.

This issue could be exploited by attackers to execute arbitrary commands as root with the privileges of the cPanel & WHM application. In addition, TOTOLINK NR1800X V9.1.0u.6279_B20210910 is vulnerable to a cross-site request forgery issue, which could be exploited by attackers to change the destination of an arbitrary HTTP request. It is also vulnerable to a reflected cross-site scripting issue, which could be exploited by attackers to inject malicious code into the application.

CVE-2017-5705 A command injection vulnerability in the opmode_config function at /cgi-bin/cstecgi/opmode_config.plpl was discovered in TOTOLINK NR1800X V9.1.0u.6279_B20210910. This issue could be exploited by attackers to execute arbitrary commands as root with the privileges of the cPanel & WHM application.

CVE-2017-5706 A command injection vulnerability in the opmode_config function at /cgi-bin/cstecgi/opmode_config.plpl was discovered in TOTOLINK NR1800X V9.1.0u.6279_B20210910. This issue could be exploited by attackers to execute arbitrary commands as root with the privileges of the cPanel & WHM

Timeline

Published on: 10/06/2022 19:15:00 UTC
Last modified on: 10/12/2022 03:09:00 UTC