CVE-2021-46008
First published: Wed Mar 30 2022(Updated: )
In totolink a3100r V5.9c.4577, the hard-coded telnet password can be discovered from official released firmware. An attacker, who has connected to the Wi-Fi, can easily telnet into the target with root shell if the telnet is function turned on.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Totolink A3100r Firmware | =5.9c.4577 | |
| TOTOLink A3100R |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this totolink a3100r firmware vulnerability?
The vulnerability ID is CVE-2021-46008.
What is the severity level of CVE-2021-46008?
The severity level of CVE-2021-46008 is high, with a score of 8.8.
How can the hard-coded telnet password be discovered in totolink a3100r V5.9c.4577?
The hard-coded telnet password can be discovered from the official released firmware of totolink a3100r V5.9c.4577.
What can an attacker do if they discover the hard-coded telnet password in totolink a3100r V5.9c.4577?
If an attacker has connected to the Wi-Fi, they can easily telnet into the target with root shell if the telnet function is turned on.
How can the totolink a3100r firmware vulnerability be fixed?
Updating to a patched version of the totolink a3100r firmware can fix the vulnerability.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/totolink
- canonical/totolink a3100r firmware
- version/totolink a3100r firmware/5.9c.4577
- canonical/totolink a3100r