NotCVE - vendor:"Totolink" product:"N200re V5 Firmware" version:"9.3.5u.6255

2 results (0.003 seconds)

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 2

CVE-2024-0942 – Totolink N200RE V5 cstecgi.cgi session expiration

https://notcve.org/view.php?id=CVE-2024-0942

A vulnerability was found in Totolink N200RE V5 9.3.5u.6255_B20211224. It has been classified as problematic. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi. The manipulation leads to session expiration. It is possible to launch the attack remotely. • https://drive.google.com/file/d/1oWAGbmDtHDIUN1WSRAh4ZnuzHOuvTU4T/view?usp=sharing https://vuldb.com/?ctiid.252186 https://vuldb.com/?id.252186 https://vuldb.com/?submit.269679 https://youtu.be/b0tU2CiLbnU • CWE-613: Insufficient Session Expiration •

CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0

CVE-2022-46025

https://notcve.org/view.php?id=CVE-2022-46025

Totolink N200RE_V5 V9.3.5u.6255_B20211224 is vulnerable to Incorrect Access Control. The device allows remote attackers to obtain Wi-Fi system information, such as Wi-Fi SSID and Wi-Fi password, without logging into the management page. Totolink N200RE_V5 V9.3.5u.6255_B20211224 es vulnerable a un control de acceso incorrecto. El dispositivo permite a atacantes remotos obtener información del sistema Wi-Fi, como el SSID y la contraseña de Wi-Fi, sin iniciar sesión en la página de administración. • https://pastebin.com/aan5jT40 • CWE-284: Improper Access Control •