Описание
TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:totolink:cp300_firmware:2.0.4-b20201102:*:*:*:*:*:*:*
cpe:2.3:h:totolink:cp300:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 65%
0.00488
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-798
Связанные уязвимости
CVSS3: 9.8
github
больше 1 года назад
TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.
EPSS
Процентиль: 65%
0.00488
Низкий
9.8 Critical
CVSS3
Дефекты
CWE-798