CVE-2021-46006
published 2022-03-30CVE-2021-46006: In Totolink A3100R V5.9c.4577, "test.asp" contains an API-like function, which is not authenticated. Using this function, an attacker can configure multiple…
medium6.5CVSS 3.1
AVNACLPRLUINSUCNIHAN
In Totolink A3100R V5.9c.4577, "test.asp" contains an API-like function, which is not authenticated. Using this function, an attacker can configure multiple settings without authentication.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| totolink | a3100r_firmware | — | — |