System Command Injection Vulnerability in TOTOLINK A3002RU Router
CVE-2018-13306
9.8CRITICAL
What is CVE-2018-13306?
The TOTOLINK A3002RU Router version 1.0.8 contains a security vulnerability that allows attackers to perform system command injection via the 'ftpUser' POST parameter. This flaw potentially enables malicious users to execute arbitrary system commands on the affected device, posing significant risks to network integrity and data confidentiality.
