VYPR
Unrated severityNVD Advisory· Published Mar 30, 2022· Updated Aug 4, 2024

CVE-2021-46006

CVE-2021-46006

Description

In Totolink A3100R V5.9c.4577, "test.asp" contains an API-like function, which is not authenticated. Using this function, an attacker can configure multiple settings without authentication.

Affected products

2
  • Totolink/A3100Rcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: = V5.9c.4577

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.