CVE-2024-7155 | TOTOLINK A3300R 17.0.0cu.557_B20221024 /etc/shadow.sample hard-coded password

Posted by Angelo Barbosa | Jul 27, 2024 | CVE

A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password.

This vulnerability is known as CVE-2024-7155. It is possible to launch the attack on the local host. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-7155 | TOTOLINK A3300R 17.0.0cu.557_B20221024 /etc/shadow.sample hard-coded password

Related Posts

CVE-2024-8897 | Mozilla Firefox up to 130.0.0 on Android Address Bar redirect

CVE-2024-42408 | Dorsett Controls InfoScan 1.32/1.33/1.35 Client Download Page path traversal (icsa-24-221-01)

CVE-2023-47542 | Fortinet FortiManager up to 7.0.10/7.2.4/7.4.1 Template special elements used in a template engine (FG-IR-23-419)

CVE-2023-52805 | Linux Kernel up to 6.6.2 jfs array index