Vulnerabilities > CVE-2023-46992 - Unspecified vulnerability in Totolink A3300R Firmware 17.0.0Cu.557B20221024

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

totolink

NVD

Published: 2023-10-31

Updated: 2023-11-08

Summary

TOTOLINK A3300R V17.0.0cu.557_B20221024 is vulnerable to Incorrect Access Control. Attackers are able to reset serveral critical passwords without authentication by visiting specific pages.

Vulnerable Configurations

Part	Description	Count
OS	Totolink Totolink A3300R Firmware 17.0.0Cu.557_B20221024	1
Hardware	Totolink Totolink A3300R -	1

References

https://github.com/AuroraHaaash/vul_report/blob/main/TOTOLINK%20A3300R/readme.md