TOTOLINK A3000RU Improper Access Control Vulnerability in Syslog Configuration File Handler

Vulnerability

A vulnerability allowing improper access control has been identified in the TOTOLINK A3000RU router, specifically in versions prior to 5.9c.5185. The issue arises in the Syslog Configuration File Handler, particularly within the file '/cgi-bin/ExportSyslog.sh'. This vulnerability requires local network access to exploit.

Impact

Exploitation of this vulnerability could lead to unauthorized access or manipulation of syslog configuration, potentially allowing for the interception or redirection of log data.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

1.3

exploitability

6.2

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.4

impact

1.3

exploitability

6.2

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TOTOLINK A3000RU Improper Access Control Vulnerability in Syslog Configuration File Handler

Vulnerability

Impact

Affected Products

TOTOLINK A3000RU

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating