CVE-2024-8162 | TOTOLINK T10 AC1200 4.1.8cu.5207 Telnet Service product.ini hard-coded credentials

Posted by Angelo Barbosa | Aug 26, 2024 | CVE

A vulnerability classified as critical has been found in TOTOLINK T10 AC1200 4.1.8cu.5207. Affected is an unknown function of the file /squashfs-root/web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to hard-coded credentials.

This vulnerability is traded as CVE-2024-8162. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-8162 | TOTOLINK T10 AC1200 4.1.8cu.5207 Telnet Service product.ini hard-coded credentials

Related Posts

CVE-2024-7378 | SourceCodester Simple Realtime Quiz System 1.0 /manage_question.php id sql injection

CVE-2023-38729 | IBM DB2/DB2 Connect 10.5/11.1/11.5 IMPORT information disclosure (XFDB-262259)

CVE-2022-48577 | Apple macOS APFS Privilege Escalation

CVE-2023-45222 | Westermo Lynx 206-F2G 4.24 autorefresh cross site scripting (icsa-24-023-04)