CVE-2022-48066
CRITICALTotolink A830r Firmware - Authentication Bypass
Title source: ruleDescription
An issue in the component global.so of Totolink A830R V4.1.2cu.5182 allows attackers to bypass authentication via a crafted cookie.
Scores
CVSS v3
9.8
EPSS
0.0064
EPSS Percentile
70.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Classification
CWE
CWE-287
Status
published
Affected Products (1)
totolink/a830r_firmware
Timeline
Published
Jan 27, 2023
Tracked Since
Feb 18, 2026