A vulnerability, which was classified as problematic, was found in TOTOLINK A3700R 9.1.2u.5822_B20200513. Affected is an unknown function of the file /wizard.html of the component Password Reset Handler. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-272568. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
History

Thu, 08 Aug 2024 13:00:00 +0000

Type Values Removed Values Added
First Time appeared Totolink
Totolink a3700r
Totolink a3700r Firmware
Weaknesses CWE-306
CPEs cpe:2.3:h:totolink:a3700r:-:*:*:*:*:*:*:*
cpe:2.3:o:totolink:a3700r_firmware:9.1.2u.5822_b20200513:*:*:*:*:*:*:*
Vendors & Products Totolink
Totolink a3700r
Totolink a3700r Firmware

cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2024-07-28T09:31:04.048Z

Updated: 2024-08-01T21:52:30.686Z

Reserved: 2024-07-27T17:27:14.788Z

Link: CVE-2024-7154

cve-icon Vulnrichment

Updated: 2024-08-01T21:52:30.686Z

cve-icon NVD

Status : Modified

Published: 2024-07-28T10:15:01.897

Modified: 2024-11-21T09:50:57.360

Link: CVE-2024-7154

cve-icon Redhat

No data.