CVE-2024-1661 | Totolink X6000R 9.4.0cu.852_B20230719 /etc/shadow hard-coded credentials

Inserito da Angelo Barbosa | Feb 20, 2024 | CVE

A vulnerability classified as problematic was found in Totolink X6000R 9.4.0cu.852_B20230719. Affected by this vulnerability is an unknown functionality of the file /etc/shadow. The manipulation leads to hard-coded credentials.

This vulnerability is known as CVE-2024-1661. It is possible to launch the attack on the local host. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-1661 | Totolink X6000R 9.4.0cu.852_B20230719 /etc/shadow hard-coded credentials

Post correlati

CVE-2024-4934 | Quiz and Survey Master Plugin up to 9.0.1 on WordPress cross site scripting

CVE-2022-48692 | Linux Kernel up to 5.15.67/5.19.8 null pointer dereference

CVE-2024-29846 | Ivanti Endpoint Manager GetVulnerabilitiesDataTable sql injection

CVE-2023-45595 | AiLux imx6 up to 1.0.7-1 file_configuration unrestricted upload