CVE-2015-9550

CWE-668Exposure to Wrong Sphere3 documents3 sources
Severity
7.5HIGH
EPSS
0.4%
top 41.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Totolink A850r-v1 FirmwareTotolink F1-v2 FirmwareTotolink F2-v1 Firmware+5 more
Timeline
PublishedNov 24
Latest updateMay 24

Description

An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. By sending a specific hel,xasf packet to the WAN interface, it is possible to open the web management interface on the WAN interface.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages8 packages

NVDtotolink/a850r-v1_firmware< 1.0.1-b20150707.1612
NVDtotolink/f1-v2_firmware< 2.1.1-b20150708.1646
NVDtotolink/f2-v1_firmware< 2.1.0-b20150320.1611
NVDtotolink/n150rt-v2_firmware< 2.1.1-b20150708.1548
NVDtotolink/n151rt-v2_firmware< 1.1-b20150708.1559

🔴Vulnerability Details

2
GHSA
GHSA-9hxw-w8qr-8whf: An issue was discovered on TOTOLINK A850R-V1 through 12022-05-24
CVEList
CVE-2015-9550: An issue was discovered on TOTOLINK A850R-V1 through 12020-11-24
CVE-2015-9550 (HIGH CVSS 7.5) | An issue was discovered on TOTOLINK | cvebase.io