PT-2022-11737 · Totolink · Totolink Ex1200T
Published
2022-06-03
·
Updated
2022-06-13
·
CVE-2021-42892
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
TOTOLINK EX1200T version 4.1.2cu.5215
Description
The issue allows an attacker to start telnet without authorization due to the existence of a default username and password in the firmware.
Recommendations
For TOTOLINK EX1200T version 4.1.2cu.5215, consider changing the default username and password to prevent unauthorized access via telnet. As a temporary workaround, restrict access to telnet until a patch is available.
Exploit
Fix
Using Hardcoded Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Totolink Ex1200T