Submit #269679: Totolink N200RE_V5 V9.3.5u.6255_B20211224 Insufficient Session Expirationinfo

TitleTotolink N200RE_V5 V9.3.5u.6255_B20211224 Insufficient Session Expiration
Description[NAME OF AFFECTED PRODUCT(S)] : Totolink N200RE_V5 [AFFECTED VERSION(S)] : V9.3.5u.6255_B20211224 [PROBLEM TYPE] : Insufficient Session Expiration [CWE] : CWE-613: Insufficient Session Expiration [Affected source code file] : cstecgi.cgi(web : /cgi-bin/cstecgi.cgi) [DESCRIPTION]: The login token does not expire after logging out. Totolink indicates the vulnerability has been fully patched in version V9.3.5u.6255_B20211224 and the latest patched version can be downloaded at https://www.totolink.net/home/menu/detail/menu_listtpl/download/id/204/ids/36.html Demo Video : https://youtu.be/b0tU2CiLbnU
Source⚠️ https://drive.google.com/file/d/1oWAGbmDtHDIUN1WSRAh4ZnuzHOuvTU4T/view?usp=sharing
Userlin7lic (ID 39301)
Submission01/18/2024 07:00 AM (4 months ago)
Moderation01/26/2024 01:37 PM (8 days later)
StatusAccepted
VulDB Entry252186

Do you want to use VulDB in your project?

Use the official API to access entries easily!