CVE-2024-10654 | TOTOLINK LR350 up to 9.3.5u.6369 /formLoginAuth.htm authCode authorization

Inserito da Angelo Barbosa | Nov 1, 2024 | CVE

A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /formLoginAuth.htm. The manipulation of the argument authCode with the input 1 leads to authorization bypass.

This vulnerability is known as CVE-2024-10654. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2024-10654 | TOTOLINK LR350 up to 9.3.5u.6369 /formLoginAuth.htm authCode authorization

Post correlati

CVE-2024-1326 | jegtheme Jeg Elementor Kit Plugin up to 2.6.2 on WordPress HTML Tag Attribute cross site scripting

CVE-2024-43853 | Linux Kernel up to 6.1.102/6.6.43/6.10.2 cpuset proc_cpuset_show use after free

CVE-2024-3598 | ElementsKit Pro Plugin up to 3.6.0 on WordPress ekit_btn_id cross site scripting

CVE-2024-21169 | Oracle Marketing up to 12.2.13 Partners Remote Code Execution