VYPR
Unrated severityNVD Advisory· Published Mar 30, 2022· Updated Aug 4, 2024

CVE-2021-46010

CVE-2021-46010

Description

Totolink A3100R V5.9c.4577 suffers from Use of Insufficiently Random Values via the web configuration. The SESSION_ID is predictable. An attacker can hijack a valid session and conduct further malicious operations.

Affected products

2
  • Totolink/A3100Rcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: = V5.9c.4577

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.