Insecure Permissions Vulnerability in TOTOLINK A3002R Router
CVE-2022-40109
9.8CRITICAL
What is CVE-2022-40109?
The TOTOLINK A3002R router is susceptible to insecure permissions on the binary file /bin/boa, which can potentially allow unauthorized access and manipulation of the device's settings. This vulnerability enables malicious actors to exploit the permissions and gain elevated access to the system, potentially compromising the integrity and confidentiality of the router's operation. Users of this router model need to be aware of this security risk and take appropriate measures to secure their devices.