Unrated severityNVD Advisory· Published Mar 30, 2022· Updated Aug 4, 2024
CVE-2021-46010
CVE-2021-46010
Description
Totolink A3100R V5.9c.4577 suffers from Use of Insufficiently Random Values via the web configuration. The SESSION_ID is predictable. An attacker can hijack a valid session and conduct further malicious operations.
Affected products
2Patches
Vulnerability mechanics
References
3- a3100r.commitrex_refsource_MISC
- totolink.commitrex_refsource_MISC
- hackmd.io/Ynwm8NnQSiK0xm7QKuNtegmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.