Access Control Flaw in TOTOLINK A3002RU Router
CVE-2018-13315
9.8CRITICAL
What is CVE-2018-13315?
An access control vulnerability in the TOTOLINK A3002RU router allows unauthorized users to change the admin password through an unauthenticated POST request in the formPasswordSetup function. This flaw poses a significant risk as it enables attackers to gain control over the router's admin functions without proper authentication, potentially compromising the entire network.