Submit #269681: Totolink T8 V4.1.5cu.833_20220905 Insufficient Session Expirationinfo

TitleTotolink T8 V4.1.5cu.833_20220905 Insufficient Session Expiration
Description[NAME OF AFFECTED PRODUCT(S)] : Totolink T8 [AFFECTED VERSION(S)] : V4.1.5cu.833_20220905 [PROBLEM TYPE] : Insufficient Session Expiration [CWE] : CWE-613: Insufficient Session Expiration [Affected source code file] : cstecgi.cgi(web : /cgi-bin/cstecgi.cgi) [DESCRIPTION]: The login token does not expire after logging out. Totolink indicates the vulnerability has been fully patched in version 4.1.5cu.862_B20230228 and the latest patched version can be downloaded at https://download.totolink.tw/uploads/firmware/T8/TOTOLINK_T8_V4.1.5cu.862_B20230228.zip
Source⚠️ https://drive.google.com/file/d/1YPisSnxM5CwSLKFgs9w5k5MtNUgiijVo/view?usp=sharing
User
 lin7lic (UID 39301)
Submission01/18/2024 07:02 (2 years ago)
Moderation01/26/2024 13:41 (8 days later)
StatusAccepted
VulDB entry252188 [Totolink T8 4.1.5cu.833_20220905 /cgi-bin/cstecgi.cgi session expiration]
Points20

PreviousOverviewNext

Might our Artificial Intelligence support you?

Check our Alexa App!