Totolink N200RE_V5 V9.3.5u.6255_B20211224 Incorrect Access Control Vulnerability

CVE-2022-46025 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Totolink N200RE_V5 V9.3.5u.6255_B20211224 is vulnerable to Incorrect Access Control. The device allows remote attackers to obtain Wi-Fi system information, such as Wi-Fi SSID and Wi-Fi password, without logging into the management page.

Learn more about our Web Application Penetration Testing UK.