exploitDog

GHSA-m6vv-4wpw-vqfc

Опубликовано: 15 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.1

Описание

TOTOLINK A3300R V17.0.0cu.557_B20221024 and N200RE V9.3.5u.6448_B20240521 and V9.3.5u.6437_B20230519 are vulnerable to Incorrect Access Control. Attackers can send payloads to the interface without logging in (remote).

TOTOLINK A3300R V17.0.0cu.557_B20221024 and N200RE V9.3.5u.6448_B20240521 and V9.3.5u.6437_B20230519 are vulnerable to Incorrect Access Control. Attackers can send payloads to the interface without logging in (remote).

Ссылки

EPSS

Процентиль: 32%

0.00124

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2025-55895

CVSS3: 9.1

nvd

около 2 месяцев назад

TOTOLINK A3300R V17.0.0cu.557_B20221024 and N200RE V9.3.5u.6448_B20240521 and V9.3.5u.6437_B20230519 are vulnerable to Incorrect Access Control. Attackers can send payloads to the interface without logging in (remote).

EPSS

Процентиль: 32%

0.00124

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-284