mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
772 B
772 B
CVE-2018-13315
Description
Incorrect access control in formPasswordSetup in TOTOLINK A3002RU version 1.0.8 allows attackers to change the admin user's password via an unauthenticated POST request.
POC
Reference
- https://blog.securityevaluators.com/new-vulnerabilities-in-totolink-a3002ru-d6f42a081154
- https://blog.securityevaluators.com/new-vulnerabilities-in-totolink-a3002ru-d6f42a081154
Github
No PoCs found on GitHub currently.