CVE-2021-35324

Severity

9.8CRITICAL

EPSS

0.8%

top 26.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedAug 5

Latest updateMay 24

Description

A vulnerability in the Form_Login function of TOTOLINK A720R A720R_Firmware V4.1.5cu.470_B20200911 allows attackers to bypass authentication.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

▶NVDtotolink/a720r_firmware4.1.5cu.470_b20200911

GHSA

GHSA-rgh5-46m9-6gc9: A vulnerability in the Form_Login function of TOTOLINK A720R A720R_Firmware V4↗2022-05-24

▶

CVEList

CVE-2021-35324: A vulnerability in the Form_Login function of TOTOLINK A720R A720R_Firmware V4↗2021-08-05

▶