Command Injection Vulnerability in TOTOLink N600R Router
CVE-2022-28908
9.8CRITICAL
What is CVE-2022-28908?
The TOTOLink N600R router has been found to contain a command injection vulnerability that can be exploited through the 'ipdoamin' parameter in the '/setting/setDiagnosisCfg' endpoint. This vulnerability allows an attacker to execute arbitrary commands on the device, posing a significant risk to the integrity and security of the affected network. Users are advised to apply relevant security patches and follow best practices to mitigate potential threats.
