First published: Thu May 18 2023(Updated: )
A vulnerability classified as problematic has been found in TOTOLINK N200RE 9.3.5u.6255_B20211224. Affected is an unknown function of the file /squashfs-root/etc_ro/custom.conf of the component Telnet Service. The manipulation leads to password in configuration file. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. VDB-229374 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com cna@vuldb.com
Affected Software | Affected Version | How to fix |
---|---|---|
Totolink N200re Firmware | =9.3.5u.6255_b20211224 | |
Totolink N200RE | ||
All of | ||
Totolink N200re Firmware | =9.3.5u.6255_b20211224 | |
Totolink N200RE |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-2790 is a vulnerability in the TOTOLINK N200RE firmware that allows the password in the configuration file to be manipulated.
The severity of CVE-2023-2790 is medium with a CVSS score of 5.5.
CVE-2023-2790 affects TOTOLINK N200RE firmware version 9.3.5u.6255_B20211224.
TOTOLINK N200RE firmware version 9.3.5u.6255_B20211224 is vulnerable to CVE-2023-2790.
To fix CVE-2023-2790, it is recommended to update the TOTOLINK N200RE firmware to a patched version.