CVE-2022-48113
First published: Thu Feb 02 2023(Updated: )
A vulnerability in TOTOLINK N200RE_v5 firmware V9.3.5u.6139 allows unauthenticated attackers to access the telnet service via a crafted POST request. Attackers are also able to leverage this vulnerability to login as root via hardcoded credentials.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Totolink N200re-v5 Firmware | =9.3.5u.6139 | |
| Totolink N200re-v5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2022-48113?
The severity of CVE-2022-48113 is critical with a CVSS score of 9.8.
How does CVE-2022-48113 affect TOTOLINK N200RE_v5 firmware version 9.3.5u.6139?
CVE-2022-48113 allows unauthenticated attackers to access the telnet service and login as root using hardcoded credentials in TOTOLINK N200RE_v5 firmware version 9.3.5u.6139.
Is TOTOLINK N200RE_v5 firmware version 9.3.5u.6139 vulnerable to CVE-2022-48113?
Yes, TOTOLINK N200RE_v5 firmware version 9.3.5u.6139 is vulnerable to CVE-2022-48113.
How can an attacker exploit CVE-2022-48113?
An attacker can exploit CVE-2022-48113 by sending a crafted POST request to access the telnet service and login as root using hardcoded credentials.
Is there a fix available for CVE-2022-48113?
At the moment, there is no known fix available for CVE-2022-48113. Please refer to the vendor's website or advisory for updates and patches.
- collector/nvd-index
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/totolink
- canonical/totolink n200re-v5 firmware
- version/totolink n200re-v5 firmware/9.3.5u.6139
- canonical/totolink n200re-v5