Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 2:59 a.m.7 views

CVE-2018-13313

In TOTOLINK A3002RU 1.0.8, the router provides a page that allows the user to change their account name and password. This page, password.htm, contains JavaScript which is used to confirm the user knows their current password before allowing them to change their password. However, this JavaScript...

6.5CVSS6.9AI score0.01015EPSS
Exploits1References1
Circl
Circl
added 2025/02/27 5:30 p.m.8 views

CVE-2018-13313

creationtimestamp| type| source ---|---|--- 2025-02-27 17:30:25+00:00| seen| https://infosec.exchange/users/iagox86/statuses/114077035740917101...

6.5CVSS7AI score0.01015EPSS
Exploits1References1
Cvelist
Cvelist
added 2020/02/24 6:16 p.m.25 views

CVE-2018-13313 Admin Password returned in password.htm

In TOTOLINK A3002RU 1.0.8, the router provides a page that allows the user to change their account name and password. This page, password.htm, contains JavaScript which is used to confirm the user knows their current password before allowing them to change their password. However, this JavaScript...

6.5AI score0.01015EPSS
Exploits1References2
CVE
CVE
added 2020/02/24 6:16 p.m.56 views

CVE-2018-13313

CVE-2018-13313 affects TOTOLINK A3002RU (firmware 1.0.8). The password.htm page uses JavaScript that confirms knowledge of the current password, but the script transmits the user’s current password in plaintext, creating a confidentiality risk for users of the router. The connected documents cons...

6.5CVSS6.5AI score0.01015EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder