A vulnerability classified as very critical was found in Totolink CP900L 4.1.5cu.798_B20221228. This vulnerability affects unknown code of the file /web_cste/cgi-bin/product.ini of the component Telnet. The manipulation leads to use of hard-coded password.
This vulnerability was named CVE-2024-35396. The attack can be initiated remotely. There is no exploit available.
It is recommended to apply restrictive firewalling.