Command Injection Vulnerability in TOTOlink Router by TOTOlink
CVE-2022-46631
9.8CRITICAL
What is CVE-2022-46631?
The TOTOlink A7100RU router is susceptible to a command injection vulnerability through the wscDisabled parameter in the setting/setWiFiSignalCfg function. An attacker could exploit this flaw to execute arbitrary commands on the device, jeopardizing the security of network configurations and potentially leading to unauthorized access. Users are encouraged to check for updates and apply security patches to mitigate risks.
