CVE-2024-7159
CVE-2024-7159
Título es
CVE-2024-7159
Dom, 28/07/2024 – 15:15
Tipo
CWE-259
Gravedad v2.0
4.90
Gravedad 2.0 Txt
MEDIUM
Título en
CVE-2024-7159
Descripción en
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been rated as critical. This issue affects some unknown processing of the file /web_cste/cgi-bin/product.ini of the component Telnet Service. The manipulation leads to use of hard-coded password. The exploit has been disclosed to the public and may be used. The identifier VDB-272573 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
28/07/2024
28/07/2024
Vector CVSS:3.1
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vector CVSS:2.0
AV:A/AC:M/Au:S/C:P/I:P/A:P
Gravedad 3.1 (CVSS 3.1 Base Score)
5.50
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM
Referencias
Enviar en el boletín
Off
