Totolink A8000ru_firmware
2 CVEs affecting Totolink A8000ru_firmware. Latest disclosed: 2024-03-12. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-24324 | Critical | 9.8 | 2024-01-30 | TOTOLINK A8000RU v7.1cu.643_B20200521 was discovered to contain a hardcoded password for root stored in /etc/shadow. |
CVE-2024-28338 | High | 8.0 | 2024-03-12 | A login bypass in TOTOLINK A8000RU V7.1cu.643_B20200521 allows attackers to login to Administrator accounts via providing a crafted session cookie. |