CVE-2021-42892
MEDIUMTotolink Ex1200t Firmware - Hard-coded Credentials
Title source: ruleDescription
In TOTOLINK EX1200T V4.1.2cu.5215, an attacker can start telnet without authorization because the default username and password exists in the firmware.
References (1)
Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_telnet_default.md
Scores
CVSS v3
4.3
EPSS
0.0015
EPSS Percentile
35.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Details
CWE
CWE-798
Status
published
Products (1)
totolink/ex1200t_firmware
4.1.2cu.5215
Published
Jun 03, 2022
Tracked Since
Feb 18, 2026