CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-13317

Password disclosure in password.htm in TOTOLINK A3002RU version 1.0.8 allows attackers to obtain the plaintext password for the admin user by making a GET request for password.htm.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.9%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://blog.securityevaluators.com/new-vulnerabilities-in-totolink-a3002ru-d6f42a081154
https://blog.securityevaluators.com/new-vulnerabilities-in-totolink-a3002ru-d6f42a081154

Products affected by CVE-2018-13317

Totolink » A3002ru » Version: N/A

cpe:2.3:h:totolink:a3002ru:-
Totolink » A3002ru Firmware » Version: 1.0.8

cpe:2.3:o:totolink:a3002ru_firmware:1.0.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-13317

Products

Pricing

Contact Us