What is CVE-2022-25084?

CVE-2022-25084 is a vulnerability in N/a. Published 2022-02-22.

Is CVE-2022-25084 known to be exploited?

13 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2022-25084

TOTOLink T6 V5.9c.4085_B20190428 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.

EPSS: 0.843 (99.3th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

0day404/vulnerability-poc
20142995/Goby
20142995/nuclei-templates
ARPSyndicate/cvemon
ArrestX/--POC
AzhariRamadhan/CVE-tplink-cp210-Command-Injection
KayCHENvip/vulnerability-poc
Miraitowa70/POC-Notes
Threekiii/Awesome-POC
XiaomingX/awesome-poc-for-red-team

References

github.com/EPhaha/IOT_vuln/blob/main/TOTOLink/T6/README.md (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-25084?: CVE-2022-25084 is a vulnerability in N/a. Published 2022-02-22.
Is CVE-2022-25084 known to be exploited?: 13 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.