Published: 26/08/2024 Updated: 27/08/2024

A vulnerability classified as critical has been found in TOTOLINK T10 AC1200 4.1.8cu.5207. Affected is an unknown function of the file /squashfs-root/web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to hard-coded credentials. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerable Product	Search on Vulmon	Subscribe to Product
totolink t10 v2 firmware 4.1.8cu.5207
totolink t10 ac1200
totolink t10 firmware 4.1.8cu.5207

TOTOLINK Manufacturer's website：wwwtotolinknet/ Product Information T10 - Wireless AC1200 Dual Band Smart Mesh Gigabit Router Affected Version V2_V418cu5207 Download Firmware totolinkcommy/products/t10/ Vulnerability CWE-798: Use of Hard-coded Credentials POC Impact Gaining unauthorized access to the Telnet service Assigned CVE CVE-2024-8162

CWE-798 https://nvd.nist.gov https://github.com/rohitburke/TOTOLINK https://www.first.org/epss https://github.com/rohitburke/TOTOLINK https://vuldb.com/?ctiid.275760 https://vuldb.com/?id.275760 https://vuldb.com/?submit.392015 https://www.totolink.net/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2024-8162

Vulnerability Summary

Github Repositories

References

Vulmon Search

About

Products

Connect