A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been rated as critical. This issue affects some unknown processing of the file /web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to use of hard-coded password.
The identification of this vulnerability is CVE-2024-7159. The attack needs to be approached within the local network. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.