A vulnerability, which was classified as problematic, was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. Affected is an unknown function of the file /wizard.html of the component Password Reset Handler. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272568. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Metrics
Affected Vendors & Products
References
History
Thu, 08 Aug 2024 13:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Totolink
Totolink a3700r Totolink a3700r Firmware |
|
Weaknesses | CWE-306 | |
CPEs | cpe:2.3:h:totolink:a3700r:-:*:*:*:*:*:*:* cpe:2.3:o:totolink:a3700r_firmware:9.1.2u.5822_b20200513:*:*:*:*:*:*:* |
|
Vendors & Products |
Totolink
Totolink a3700r Totolink a3700r Firmware |
MITRE
Status: PUBLISHED
Assigner: VulDB
Published: 2024-07-28T09:31:04.048Z
Updated: 2024-08-01T21:52:30.686Z
Reserved: 2024-07-27T17:27:14.788Z
Link: CVE-2024-7154
Vulnrichment
Updated: 2024-08-01T21:52:30.686Z
NVD
Status : Modified
Published: 2024-07-28T10:15:01.897
Modified: 2024-11-21T09:50:57.360
Link: CVE-2024-7154
Redhat
No data.