ГлавнаяУязвимости → CVE-2024-36782
9.8критическая

CVE-2024-36782

Описание

TOTOLINK CP300 V2.0.4-B20201102 was discovered to contain a hardcoded password vulnerability in /etc/shadow.sample, which allows attackers to log in as root.

Затрагиваемое ПО
Totolink Cp300 firmwareTotolink Cp300
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/totolink%20cp300/README.mdhttps://github.com/s4ndw1ch136/IOT-vuln-reports/blob/main/totolink%20cp300/README.md