CVE-2022-29644

Name of the Vulnerable Software and Affected Versions TOTOLINK A3100R versions V4.1.2cu.5050 B20200504 through V4.1.2cu.5247 B20211129

Description A hard-coded password for the telnet service was found in the /web cste/cgi-bin/product.ini component. This issue affects the telnet service, where a hard-coded password is stored, potentially allowing unauthorized access.

Recommendations For versions V4.1.2cu.5050 B20200504 through V4.1.2cu.5247 B20211129, consider disabling the telnet service until a patch is available to prevent potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.