COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2021-46009

CVE-2021-46009

Severity
critical
Source
NVD · cve
Published
2022-03-30
CVSS
9.8
Reference
https://nvd.nist.gov/vuln/detail/CVE-2021-46009
shame 35/100

In Totolink A3100R V5.9c.4577, multiple pages can be read by curl or Burp Suite without authentication. Additionally, admin configurations can be set without cookies.

Players implicated

totolink · vendora3100r · producta3100r firmware · product

Description

In Totolink A3100R V5.9c.4577, multiple pages can be read by curl or Burp Suite without authentication. Additionally, admin configurations can be set without cookies.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.