CVE-2022-28492

Vulnerability

TOTOLINK Technology CPE CP900 running firmware version V6.3c.566 contains an authentication bypass vulnerability [1]. The vulnerability allows remote attackers to bypass the login process without valid credentials, due to improper handling of authentication mechanisms in the web interface [1].

Exploitation

An attacker does not require any prior authentication, user interaction, or local access to exploit this vulnerability [1]. The attack can be performed remotely over the network by sending crafted requests to the vulnerable web interface of the device [1]. The exploitation process likely involves manipulating session tokens, authentication parameters, or exploiting a missing access control check in the login flow [1].

Impact

Successful exploitation allows an attacker to bypass the login prompt and gain unauthorized access to the device's web management interface [1]. This could lead to full compromise of the CPE device, including the ability to change network configurations, intercept traffic, or disrupt connectivity [1].

Mitigation

As of the publication date, no patch or updated firmware version has been released by TOTOLINK to address this vulnerability [1]. Affected users should restrict network access to the device's management interface to trusted IP addresses only, and monitor vendor updates for a firmware fix [1].