CVE Details
Basic Information
| Title | TOTOLINK T10 shadow.sample hard-coded password |
|---|---|
| Type | cve |
| Published | 2025-06-16T21:00:17.742Z |
| Last Seen |
Product Information
| Vendor | TOTOLINK |
|---|---|
| Product | T10 |
| Version | 4.1.8cu.5207 |
CVSS Information
| Base Score | 2.0 (LOW) |
|---|---|
| Attack Vector | CVSS:4.0/AV:A/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | A vulnerability in TOTOLINK T10 version 4.1.8cu.5207 allows attackers to use a hard-coded password, which could give them unauthorized access. This issue is considered low severity but still poses a risk if exploited locally. |
|---|---|
| AI Severity | Low |
| Vendor | TOTOLINK |
| Product | TOTOLINK T10 |
| Affected Version | 4.1.8cu.5207 |
Affected Products
- TOTOLINK T10 4.1.8cu.5207
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-259, CWE-255 |
| Bulletin Family |
References
Description
A vulnerability, which was classified as problematic, has been found in TOTOLINK T10 4.1.8cu.5207. Affected by this issue is some unknown functionality of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The attack can only be initiated within the local network. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used.