CVE-2024-7159 | TOTOLINK A3600R 4.1.2cu.5182_B20201102 Telnet Service product.ini hard-coded password

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been rated as critical. This issue affects some unknown processing of the file /web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to use of hard-coded password.

The identification of this vulnerability is CVE-2024-7159. The attack needs to be approached within the local network. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-7159 | TOTOLINK A3600R 4.1.2cu.5182_B20201102 Telnet Service product.ini hard-coded password

Related Posts

CVE-2024-28187 | inunosinsi soycms up to 3.14.1 jpegoptim os command injection (GHSA-qg3q-hfgc-5jmm)

CVE-2024-31211 | WordPress 6.4.0/6.4.1 WP_HTML_Token deserialization (GHSA-m257-q4m5-j653)

CVE-2023-33218 | IDEMIA SIGMA Lite & Lite + Command Zone Read/Zone Write stack-based overflow

CVE-2023-49713 | Jtekt Electronics GC-A22W-CW NetBIOS Service denial of service