Command Injection Vulnerability in TOTOLINK A3002RU Router
CVE-2018-13311
9.8CRITICAL
What is CVE-2018-13311?
A command injection vulnerability exists in the formDlna functionality of the TOTOLINK A3002RU router, specifically in version 1.0.8. This vulnerability allows attackers to execute arbitrary system commands remotely by manipulating the 'sambaUser' parameter within a POST request. Exploiting this flaw can lead to unauthorized access and control over the affected device, potentially compromising the integrity of the network.