Lucene search
MitreCVE-2023-46992HistoryOct 31, 2023 - 3:15 p.m.
CVE-2023-46992
2023-10-3115:15:09
CWE-284
mitre
web.nvd.nist.gov
17
cve-2023-46992
totolink a3300r
incorrect access control
vulnerability
nvd
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.002
Percentile
56.1%
TOTOLINK A3300R V17.0.0cu.557_B20221024 is vulnerable to Incorrect Access Control. Attackers are able to reset serveral critical passwords without authentication by visiting specific pages.
Affected configurations
Node
totolinka3300r_firmwareMatch17.0.0cu.557_b20221024
totolinka3300rMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| totolink | a3300r_firmware | 17.0.0cu.557_b20221024 | cpe:2.3:o:totolink:a3300r_firmware:17.0.0cu.557_b20221024:*:*:*:*:*:*:* |
| totolink | a3300r | - | cpe:2.3:h:totolink:a3300r:-:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2023-46992
2023-10-31 00:00:00
prion
prion
Design/Logic Flaw
2023-10-31 15:15:00
vulnrichment
vulnrichment
CVE-2023-46992
2023-10-31 00:00:00
nvd
nvd
CVE-2023-46992
2023-10-31 15:15:09
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.002
Percentile
56.1%
Related for CVE-2023-46992