CVE-2021-42892Hard-coded Credentials in Ex1200t Firmware

CWE-798Hard-coded Credentials3 documents3 sources
Severity
4.3MEDIUMNVD
EPSS
0.1%
top 64.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Totolink Ex1200t Firmware
Timeline
PublishedJun 3
Latest updateJun 4

Description

In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can start telnet without authorization because the default username and password exists in the firmware.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages1 packages

NVDtotolink/ex1200t_firmware4.1.2cu.5215

🔴Vulnerability Details

2
GHSA
GHSA-26pp-v5jf-7qcc: In TOTOLINK EX1200T V42022-06-04
CVEList
CVE-2021-42892: In TOTOLINK EX1200T V42022-06-03
CVE-2021-42892 — Hard-coded Credentials | cvebase