Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2021-42887 — Ex1200t Firmware vulnerability

4 documents4 sources

Severity

9.8CRITICALNVD

EPSS

61.3%

top 1.67%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Timeline

PublishedJun 3

Latest updateJun 4

Description

In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can bypass login by sending a specific request through formLoginAuth.htm.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

GHSA

GHSA-fjcg-55pq-vx59: In TOTOLINK EX1200T V4↗2022-06-04

▶

CVEList

CVE-2021-42887: In TOTOLINK EX1200T V4↗2022-06-03

▶

Nuclei

TOTOLINK EX1200T 4.1.2cu.5215 - Authentication Bypass

▶