CVE-2022-38308 Information

Description

TOTOLink A700RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the lang parameter in the function cstesystem. This vulnerability allows attackers to execute arbitrary commands via a crafted payload.

Reference

https://github.com/WhoisZkuan/TOTOlink-A700RU