إرسال #521567: TOTOLINK A3000RU A3000RU_Firmware V5.9c.5185 Improper Access Controlsالمعلومات

عنوانTOTOLINK A3000RU A3000RU_Firmware V5.9c.5185 Improper Access Controls
الوصفIn TOTOLINK A3000RU_Firmware V5.9c.5185, an attacker can obtain the ibms configuration file without authorization through /cgi-bin/ExportIbmsConfig.sh. When making a request to /cgi-bin/ExportIbmsConfig.sh, the attacker can obtain the ibms configuration file ibms_config-xxxxxxxx.tar.gz without authorization.
المصدر⚠️ https://lavender-bicycle-a5a.notion.site/TOTOLINK-A3000RU-ExportIbmsConfig-1b953a41781f80b89397e8c34717eb94?pvs=4
المستخدم
 yhryhryhr_miemie (UID 65492)
ارسال17/03/2025 08:46 AM (1 سنة منذ)
الاعتدال29/03/2025 08:41 PM (12 days later)
الحالةتمت الموافقة
إدخال VulDB302008 [TOTOLINK A3000RU حتى 5.9c.5185 IBMS Configuration File ExportIbmsConfig.sh تجاوز الصلاحيات]
النقاط15

التالي نظرة عامة السابق

Do you know our Splunk app?

Download it now for free!