Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5
CVE-2019-19822
- EPSS 2.79%
- Published 27.01.2020 18:15:12
- Last modified 21.11.2024 04:35:27
A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the configuration, including sensitive data (usernames and passwords). This affects TOTOLINK A3002RU through 2.0.0, ...
9.8
CVE-2019-19825
- EPSS 0.62%
- Published 27.01.2020 17:15:12
- Last modified 21.11.2024 04:35:28
On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an {"topicurl":"setting/getSanvas"} POST to the boafrm/formLogin URI, leading to a CAPTCHA bypass. (Also, the CAPTCHA text is not needed once the attacker has determ...