Lucene search

K

MitreCVELIST:CVE-2024-42967

HistoryAug 15, 2024 - 12:00 a.m.

CVE-2024-42967

2024-08-1500:00:00

mitre

www.cve.org

3

totolink lr350

access control

configuration file

crafted request

EPSS

0.009

Percentile

83.1%

Incorrect access control in TOTOLINK LR350 V9.3.5u.6369_B20220309 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh.

References

github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/TOTOLINK/LR350/ExportSettings.md

EPSS

0.009

Percentile

83.1%

Related for CVELIST:CVE-2024-42967

vulnrichment1 cve1 nvd1