CVE-2024-8580 | TOTOLINK AC1200 T8 4.1.5cu.861_B20230220 /etc/shadow.sample hard-coded password

Inserito da Angelo Barbosa | Set 7, 2024 | CVE

A vulnerability classified as critical was found in TOTOLINK AC1200 T8 4.1.5cu.861_B20230220. This vulnerability affects unknown code of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password.

This vulnerability was named CVE-2024-8580. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-8580 | TOTOLINK AC1200 T8 4.1.5cu.861_B20230220 /etc/shadow.sample hard-coded password

Post correlati

CVE-2024-20437 | Cisco IOS XE up to 17.12.1y Web UI cross-site request forgery (cisco-sa-webui-csrf-ycUYxkKO)

CVE-2024-47825 | Cilium up to 1.14.15/1.15.9 default permission (GHSA-3wwx-63fv-pfq6)

CVE-2024-45797 | OISF libhtp up to 0.5.48 HTTP Protocol Parser allocation of resources (ID 7191)

CVE-2024-21872 | Electrolink Compact DAB Transmitter cookie validation (icsa-24-107-02)