TOTOLINK A3100R
cpe:2.3:h:totolink:a3100r:*:*:*:*:*:*:*
- V4.1.2cu.5247_B20211129
A vulnerability allowing arbitrary code execution has been identified in the TOTOLINK A3100R router, specifically in the firmware version V4.1.2cu.5247_B20211129. The issue arises in the 'setWebWlanIdx' function within the file '/lib/cste_modules/wireless.so', where user input is not properly validated. This lack of input filtering enables remote attackers to execute malicious commands by exploiting MQTT or HTTP services.
Exploitation of this vulnerability allows for unauthorized execution of arbitrary commands on the affected router.
The vulnerability can be reproduced by sending a payload through the 'setWebWlanIdx' function via MQTT. The payload should include a command, such as appending text to a file in the '/tmp' directory. Once the command is executed, the specified file will be created or modified, demonstrating successful exploitation.