| Titel | Totolink N350RT V9.3.5u.6255 Insufficient Session Expiration |
|---|
| Beschreibung | [NAME OF AFFECTED PRODUCT(S)] : Totolink N350RT
[AFFECTED VERSION(S)] : V9.3.5u.6255
[PROBLEM TYPE] : Insufficient Session Expiration
[CWE] : CWE-613: Insufficient Session Expiration
[Affected source code file] : cstecgi.cgi(web : /cgi-bin/cstecgi.cgi)
[DESCRIPTION]:
The login token does not expire after logging out.
Totolink indicates the vulnerability has been fully patched in version V9.3.5u.6255 and the latest patched version can be downloaded at https://www.totolink.net/home/menu/detail/menu_listtpl/products/id/206/ids/33.html |
|---|
| Quelle | ⚠️ https://drive.google.com/file/d/1OBs4kc1KvbqrMhQHs54WtwxxxiBoI0hL/view?usp=sharing |
|---|
| Benutzer | lin7lic (UID 39301) |
|---|
| Einreichung | 18.01.2024 07:01 (vor 2 Jahren) |
|---|
| Moderieren | 26.01.2024 13:40 (8 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 252187 [Totolink N350RT 9.3.5u.6255 /cgi-bin/cstecgi.cgi schwache Authentisierung] |
|---|
| Punkte | 20 |
|---|