upgrade.so-setUpgradeFW-FileName

[CVE-ID]

[PRODUCT]

TOTOLINK

[Vendor of Product]

https://www.totolink.net/

[VERSION]

EX1200T V4.1.2cu.5232_B20210713

[Firmware]

https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/148/ids/36.html

[Vulnerability Type]

RCE

[Description]

The TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution vulnerability in the setUpgradeFW function through the FileName parameter.

The filename parameter serves as the entry point, and ultimately, the filename will be input into s_1, which is then executed by the system.

image.png

image.png