CVE-2022-48067

MEDIUM

Totolink A830r Firmware - Hard-coded Credentials

Title source: rule

Description

An information disclosure vulnerability in Totolink A830R V4.1.2cu.5182 allows attackers to obtain the root password via a brute-force attack.

References (1)

Scores

CVSS v3 5.5
EPSS 0.0006
EPSS Percentile 18.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Classification

CWE
CWE-798
Status published

Affected Products (1)

totolink/a830r_firmware

Timeline

Published Jan 27, 2023
Tracked Since Feb 18, 2026