| Title | TOTOLINK LR350 V9.3.5u.6369 Authorization Bypass |
|---|
| Description | The TOTOLINK LR350 allows attackers to bypass login through the Form_Login function. By manipulating the authCode and goURL parameters, attackers can bypass authentication and access the home page. |
|---|
| Source | ⚠️ https://github.com/c0nyy/IoT_vuln/blob/main/TOTOLINK%20LR350%20Vuln.md |
|---|
| User | c0nyy (UID 76911) |
|---|
| Submission | 10/31/2024 05:02 AM (1 Year ago) |
|---|
| Moderation | 11/01/2024 06:59 AM (1 day later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 282667 [TOTOLINK LR350 up to 9.3.5u.6369 /formLoginAuth.htm authCode authorization] |
|---|
| Points | 17 |
|---|