Описание
A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an unknown function of the file /etc/shadow.sample of the component Administrative Interface. The manipulation results in use of default credentials. Attacking locally is a requirement. Attacks of this nature are highly complex. The exploitability is described as difficult. The exploit has been released to the public and may be exploited.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- Permissions RequiredVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Product
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Одновременно
EPSS
2.5 Low
CVSS3
7 High
CVSS3
1 Low
CVSS2
Дефекты
Связанные уязвимости
A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. The affected element is an unknown function of the file /etc/shadow.sample of the component Administrative Interface. The manipulation results in use of default credentials. Attacking locally is a requirement. Attacks of this nature are highly complex. The exploitability is described as difficult. The exploit has been released to the public and may be exploited.
Уязвимость компонента Administrative Interface файла /etc/shadow.sample микропрограммного обеспечения маршрутизаторов Totolink X2000R, позволяющая нарушителю обойти существующие ограничения безопасности
EPSS
2.5 Low
CVSS3
7 High
CVSS3
1 Low
CVSS2