| 标题 | TOTOLINK A720R V4.1.5cu.374 Improper Access Controls |
|---|
| 描述 | The TOTOLINK A720R V4.1.5cu.374 firmware contains an unauthenticated diagnostic log clearing vulnerability. An attacker can exploit this flaw by sending a crafted POST request with the parameter {"topicurl":"clearDiagnosisLog"} to /cgi-bin/cstecgi.cgi, allowing unauthorized clearing of system diagnostic logs without authentication. |
|---|
| 来源 | ⚠️ https://github.com/at0de/my_vulns/blob/main/TOTOLINK/A720R/clearDiagnosisLog.md |
|---|
| 用户 | 153528990 (UID 64409) |
|---|
| 提交 | 2025-04-22 03時48分 (12 月前) |
|---|
| 管理 | 2025-05-04 20時24分 (13 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 307373 [TOTOLINK A720R 4.1.5cu.374 Log /cgi-bin/cstecgi.cgi topicurl 权限提升] |
|---|
| 积分 | 19 |
|---|