In TOTOLINK EX200 V4.0.3c.7314_B20191204, an attacker can obtain the configuration file without authorization through /cgi-bin/ExportSettings.sh
2024-04-08T13:15:08.937
2025-06-17T18:30:45.130
Analyzed
CVSSv3.1: 9.1 (CRITICAL)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | totolink | ex200_firmware | 4.0.3c.7646_b20201211 | Yes |
| Hardware | totolink | ex200 | - | No |