CVE-2024-10654

NVD Published Date: November 01, 2024 at 12:15 PM
NVD Last Modified: November 05, 2024 at 07:15 AM
Download Patch
Vulnerability ID
CVE-2024-10654
Severity
None
Severity Score
None
Summary
A vulnerability has been found in TOTOLINK LR350 up to 9.3.5u.6369 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /formLoginAuth.htm. The manipulation of the argument authCode with the input 1 leads to authorization bypass. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 9.3.5u.6698_B20230810 is able to address this issue. It is recommended to upgrade the affected component.
References
Mitigation and Patches
-
Exploits
-
Metasploit Payload
-
Vector
None
CWE ID
CWE-285, CWE-266, CWE-639

Recent Publish

CVE-2024-7456

KB5042215

KB5042217

CVE-2024-10454

CVE-2024-8934

KB5042578

See More ...

See SecOps Solution
in action

Schedule Demo
Agentless security for your infrastructure and applications - to build faster, more securely and in a fraction of the operational cost of other solutions
hello@secopsolution.com
+569-231-213
Compare
Qualys Cloud Agent Tenable Nessus Rapid7 InsightVM
Company
About Us Contact Career
Resources
Blog Sample Reports CVE Windows KB Case Studies eBooks Policy Templates Webinar
Try It
Patch Astra EPSS Calculator Contact Free Scan Schedule Demo Log In
© 2024  SecOps Solution, Inc.| Privacy Policy | Terms and Conditions .
Social Media :