CVE-2015-9550

First published: Tue Nov 24 2020(Updated: )

An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. By sending a specific hel,xasf packet to the WAN interface, it is possible to open the web management interface on the WAN interface.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Totolink A850r-v1 Firmware	<1.0.1-b20150707.1612
TOTOLINK A850R-V1
Totolink F1-v2 Firmware	<2.1.1-b20150708.1646
Totolink F1-v2
Totolink F2-v1 Firmware	<2.1.0-b20150320.1611
Totolink F2-v1
Totolink N150rt-v2 Firmware	<2.1.1-b20150708.1548
Totolink N150rt-v2
Totolink N151rt-v2 Firmware	<1.1-b20150708.1559
Totolink N151rt-v2
Totolink N300rh-v2 Firmware	<2.0.1-b20150708.1625
Totolink N300rh-v2
Totolink N300rh-v3 Firmware	<3.0.0-b20150331.0858
Totolink N300rh-v3
Totolink N300rt-v2 Firmware	<2.1.1-b20150708.1613
Totolink N300rt-v2

Never miss a vulnerability like this again

Reference Links

https://pierrekim.github.io/blog/2015-07-16-backdoor-and-RCE-found-in-8-TOTOLINK-products.html

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.