Vulnerability Details : CVE-2023-43141
TOTOLINK A3700R V9.1.2u.6134_B20201202 and N600R V5.3c.5137 are vulnerable to Incorrect Access Control.
Products affected by CVE-2023-43141
- cpe:2.3:o:totolink:n600r_firmware:4.3.0cu.7647_b20210106:*:*:*:*:*:*:*
- cpe:2.3:o:totolink:a3700r_firmware:9.1.2u.6134_b20201202:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-43141
2.28%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 90 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-43141
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2023-43141
-
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.Assigned by: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
References for CVE-2023-43141
-
http://totolink.com
TOTOLINKProduct
-
https://github.com/Blue-And-White/vul/blob/main/Iot/TOTOLINK/1/readme.md
File not found ยท GitHubBroken Link;Exploit;Third Party Advisory
Jump to