exploitDog

CVE-2022-46025

Опубликовано: 10 янв. 2024

Источник: nvd

CVSS3: 9.1

EPSS Низкий

Описание

Totolink N200RE_V5 V9.3.5u.6255_B20211224 is vulnerable to Incorrect Access Control. The device allows remote attackers to obtain Wi-Fi system information, such as Wi-Fi SSID and Wi-Fi password, without logging into the management page.

Ссылки

https://pastebin.com/aan5jT40
Patch
Third Party Advisory
https://pastebin.com/aan5jT40
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:totolink:n200re_v5_firmware:9.3.5u.6255_b20211224:*:*:*:*:*:*:*

cpe:2.3:h:totolink:n200re_v5:-:*:*:*:*:*:*:*

EPSS

Процентиль: 82%

0.0172

Низкий

9.1 Critical

CVSS3

Дефекты

NVD-CWE-Other

CWE-284

Связанные уязвимости

GHSA-vggm-vvxj-ggq4

CVSS3: 9.1

github

около 2 лет назад

Totolink N200RE_V5 V9.3.5u.6255_B20211224 is vulnerable to Incorrect Access Control. The device allows remote attackers to obtain Wi-Fi system information, such as Wi-Fi SSID and Wi-Fi password, without logging into the management page.

EPSS

Процентиль: 82%

0.0172

Низкий

9.1 Critical

CVSS3

Дефекты

NVD-CWE-Other

CWE-284