CVE-2021-45735

TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to use the HTTP protocol for authentication into the admin interface, allowing attackers to intercept user credentials via packet capture software.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 46%
VendorProductVersion
totolinkx5000r_firmware
9.1.0u.6118_b20201102:u.6118_b20201102
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/pjqwudi/my_vuln/blob/main/totolink/vuln_12/12.md
https://github.com/pjqwudi/my_vuln/blob/main/totolink/vuln_12/12.md