| عنوان | TOTOLINK N200RE Hard-coded TELNET Password |
|---|
| الوصف | Firmware download URL : https://www.totolink.net/data/upload/20220412/f4af1692a53e6c25e8beeeab3c481e54.rar
The default account password exists in the file /squashfs-root/etc_ro/custom.conf (use binwalk with Download Fireware file)
An attacker can log into the telnet service with a hard-coded password while the Telnet service is up.
The attacker can use the obtained password to log in from Telnet.
Affect the ewest Version: V9.3.5u.6255_B20211224
|
|---|
| المصدر | ⚠️ https://drive.google.com/file/d/1RITXRvKele5aW42YFk0JeQHCq2B63lUj/view?usp=share_link |
|---|
| المستخدم | lin7lic (UID 39301) |
|---|
| ارسال | 11/05/2023 04:16 AM (3 سنوات منذ) |
|---|
| الاعتدال | 18/05/2023 02:10 PM (7 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 229374 [TOTOLINK N200RE 9.3.5u.6255_B20211224 Telnet Service custom.conf الكشف عن المعلومات] |
|---|
| النقاط | 20 |
|---|