CVE-2021-42886

HIGH

TOTOLINK EX1200T V4.1.2cu.5215 - Unauthenticated Exposure of Sensitive Information via apmib Configuration File

Title source: llm

Description

TOTOLINK EX1200T V4.1.2cu.5215 contains an information disclosure vulnerability where an attacker can get the apmib configuration file without authorization, and usernames and passwords can be found in the decoded file.

References (1)

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_exportsettings_leak.md

View Exploit ZIP pw:eip

Scores

CVSS v3 7.5

EPSS 0.0072

EPSS Percentile 72.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-200

Status published

Products (1)

totolink/ex1200t_firmware 4.1.2cu.5215

Published Jun 03, 2022

Tracked Since Feb 18, 2026