TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘merge’ parameter of the setRptWizardCfg interface of the cstecgi .cgi.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Ex1800t_firmware | Totolink | 9.1.0cu.2112_b20220316 (including) | 9.1.0cu.2112_b20220316 (including) |