CVE-2023-46992 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2023-46992

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

TOTOLINK A3300R V17.0.0cu.557_B20221024 is vulnerable to Incorrect Access Control. Attackers are able to reset serveral critical passwords without authentication by visiting specific pages.

Affected Software

Name	Vendor	Start Version	End Version
A3300r_firmware	Totolink	17.0.0cu.557_b20221024 (including)	17.0.0cu.557_b20221024 (including)

References

https://github.com/AuroraHaaash/vul_report/blob/main/TOTOLINK%20A3300R/readme.md
https://github.com/AuroraHaaash/vul_report/blob/main/TOTOLINK%20A3300R/readme.md