Submit #189820: Blind remote OS command injection in Host Name on TOTOLink EX1200Linfo

TitleBlind remote OS command injection in Host Name on TOTOLink EX1200L
Description## Description and impact Function `setWanCfg` executes os command `echo` to overwrite hostname. An attacker can execute remote os command using crafted payload at `Host Name`. ## Root-cause When the function `setWanCfg` is called, it crafts os command following syntax `echo '%s' > /proc/sys/kernel/hostname`. The value of `Host name` is not validated. An attacker can send crafted payload to execute OS command. ![image](https://user-images.githubusercontent.com/29118926/257681580-135b9274-1f06-4a2b-b5cd-6c820e78a178.png)
Source⚠️ https://gist.github.com/dmknght/02a29e1c5ae18b45eacc2085d22068e8
User
 dmknght (UID 51830)
Submission08/02/2023 04:38 (3 years ago)
Moderation08/18/2023 10:04 (16 days later)
StatusAccepted
VulDB entry237515 [TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 setWanCfg os command injection]
Points20

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!