A3100r Firmware Security Vulnerabilities and Issues — A3100r Firmware CVE List

Lucene search

TotolinkA3100r Firmware

3 matches found

CVE•added 2022/03/30 11:15 p.m.•83 views

CVE-2021-46010

Totolink A3100R V5.9c.4577 suffers from Use of Insufficiently Random Values via the web configuration. The SESSION_ID is predictable. An attacker can hijack a valid session and conduct further malicious operations.

8.8CVSS8.7AI score0.00863EPSS

CVE•added 2022/03/30 11:15 p.m.•62 views

CVE-2021-46008

In totolink a3100r V5.9c.4577, the hard-coded telnet password can be discovered from official released firmware. An attacker, who has connected to the Wi-Fi, can easily telnet into the target with root shell if the telnet is function turned on.

8.8CVSS8.7AI score0.00168EPSS

CVE•added 2024/07/28 2:15 p.m.•42 views

CVE-2024-7158

A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050_B20200504. It has been declared as critical. This vulnerability affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument telnet_enabled leads to command i...

8.8CVSS7AI score0.0696EPSS