Security Advisory
CVE-2018-13311
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to execute system commands via the "sambaUser" POST parameter.