CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-42966

Incorrect access control in TOTOLINK N350RT V9.3.5u.6139_B20201216 allows attackers to obtain the apmib configuration file, which contains the username and the password, via a crafted request to /cgi-bin/ExportSettings.sh.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.1%

CVSS Severity

CVSS v3 Score 9.8

References

https://github.com/TTTJJJWWW/AHU-IoT-vulnerable/blob/main/TOTOLINK/N350R/ExportSettings.md

Products affected by CVE-2024-42966

Totolink » N350rt » Version: N/A

cpe:2.3:h:totolink:n350rt:-
Totolink » N350rt Firmware » Version: 9.3.5u.6139_b20201216

cpe:2.3:o:totolink:n350rt_firmware:9.3.5u.6139_b20201216

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-42966

Products

Pricing

Contact Us