Telnet Configuration Vulnerability in TOTOLINK CP450 Router
CVE-2024-34219

8.6HIGH

Key Information:

Vendor: TOTOLINK
Status: Cp450 Firmware
Vendor: CVE Published:; 14 May 2024

Summary

A vulnerability has been identified in the TOTOLINK CP450 router that affects the SetTelnetCfg function. This flaw enables attackers to gain unauthorized access to the device via telnet, potentially compromising the security of the network. The vulnerability underscores the importance of securing telnet access on network devices and implementing best practices in router configuration to safeguard sensitive information from unauthorized users.

References

https://github.com/n0wstr/IOTVuln/tree/main/CP450/SetTeln...

CVSS V3.1

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 14, 2024