Command Injection Vulnerability in TOTOLINK NR1800X Router
CVE-2022-41518
9.8CRITICAL
What is CVE-2022-41518?
The TOTOLINK NR1800X V9.1.0u.6279_B20210910 router is susceptible to a command injection vulnerability found in the UploadFirmwareFile function located in /cgi-bin/cstecgi.cgi. This flaw can be exploited by an attacker to execute arbitrary commands on the device, potentially leading to unauthorized access and manipulation of the system.