TOTOLINK T8 V4.1.5cu was discovered to contain a command injection vulnerability via the slaveIpList parameter in the function setUpgradeFW.
2023-02-03T16:15:14.667
2025-03-26T16:15:18.787
Modified
CVSSv3.1: 9.8 (CRITICAL)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | totolink | t8_firmware | v4.1.5cu | Yes |
| Hardware | totolink | t8 | - | No |