إرسال #521570: TOTOLINK A3000RU A3000RU_Firmware V5.9c.5185 Improper Access Controlsالمعلومات

عنوانTOTOLINK A3000RU A3000RU_Firmware V5.9c.5185 Improper Access Controls
الوصفIn TOTOLINK A3000RU_Firmware V5.9c.5185, an attacker can obtain the syslog configuration file without authorization through /cgi-bin/ExportSyslog.sh. When making a request to /cgi-bin/ExportSyslog.sh, the attacker can obtain the syslog configuration file syslog--xxxxxxxx.dat without authorization.
المصدر⚠️ https://lavender-bicycle-a5a.notion.site/TOTOLINK-A3000RU-ExportSyslog-1b953a41781f8064970dc7809a52ac6c?pvs=4
المستخدم
 wxhwxhwxh_mie (UID 66748)
ارسال17/03/2025 08:48 AM (1 سنة منذ)
الاعتدال23/03/2025 10:31 AM (6 days later)
الحالةتمت الموافقة
إدخال VulDB300709 [TOTOLINK A3000RU حتى 5.9c.5185 Syslog Configuration File /cgi-bin/ExportSyslog.sh تجاوز الصلاحيات]
النقاط15

التالي نظرة عامة السابق

Do you want to use VulDB in your project?

Use the official API to access entries easily!