CVE-2024-35396 | Totolink CP900L 4.1.5cu.798_B20221228 Telnet product.ini hard-coded password

Inserito da Angelo Barbosa | Mag 24, 2024 | CVE

A vulnerability classified as very critical was found in Totolink CP900L 4.1.5cu.798_B20221228. This vulnerability affects unknown code of the file /web_cste/cgi-bin/product.ini of the component Telnet. The manipulation leads to use of hard-coded password.

This vulnerability was named CVE-2024-35396. The attack can be initiated remotely. There is no exploit available.

It is recommended to apply restrictive firewalling.

CVE-2024-35396 | Totolink CP900L 4.1.5cu.798_B20221228 Telnet product.ini hard-coded password

Post correlati

CVE-2024-2831 | kieranoshea Calendar Plugin up to 1.3.14 on WordPress information disclosure

CVE-2024-38581 | Linux Kernel up to 6.1.92/6.6.32/6.8.11 amdgpu_mes.c use after free

CVE-2023-44120 | Siemens Spectrum Power 7 prior V23Q4 sudo Configuration permission assignment (ssa-786191)

CVE-2024-32441 | Zoho Campaigns Plugin up to 2.0.7 on WordPress cross-site request forgery