CVE-2020-25499

TOTOLINK A3002RU-V2.0.0 B20190814.1034 allows authenticated remote users to modify the system’s ‘Run Command’. An attacker can use this functionality to execute arbitrary OS commands on the router.

Date published : 2020-12-09

https://www.totolink.net/home/index/newsss/id/196.html

https://github.com/kdoos/Vulnerabilities/blob/main/RCE_TOTOLINK-A3002RU-V2