Unrated severityNVD Advisory· Published Feb 18, 2022· Updated Aug 3, 2024
CVE-2022-25136
CVE-2022-25136
Description
A command injection vulnerability in the function meshSlaveUpdate of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet.
Affected products
3- TOTOLINK Technology/T6/T10 routersdescription
Patches
Vulnerability mechanics
References
1- github.com/pjqwudi1/my_vuln/blob/main/totolink/vuln_17/17.mdmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.