CVE-2021-42886

EUVD-2021-29841
TOTOLINK EX1200T V4.1.2cu.5215 contains an information disclosure vulnerability where an attacker can get the apmib configuration file without authorization, and usernames and passwords can be found in the decoded file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
Affected Products (NVD)
VendorProductVersion
totolinkex1200t_firmware
4.1.2cu.5215:cu.5215
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_exportsettings_leak.md
https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_exportsettings_leak.md