TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a hardcoded password for root at /etc/shadow.sample.
The manufacturer embedded a static, unchanging password for the root account in the firmware image, stored in the /etc/shadow.sample file. Since the password is identical across all devices with a given software version, an attacker who learns it (e.g., through firmware analysis) can log in to the root account on any vulnerable device. The vulnerability is classified as CWE-798 (use of hardcoded credentials) and CWE-259 (hardcoded password).
An attacker gains full administrator (root) privileges on the device, enabling complete takeover of the router/extender, modification of its configuration, interception of network traffic, and potential use of the device as an entry point to the local network.
Apply patches available from the manufacturer according to the references. Until an update is obtained, it is recommended to restrict access to the device management interface exclusively from trusted network segments and isolate the device from critical network resources.
TOTOLINK EX200 with firmware version V4.0.3c.7646_B20201211
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HTotolink Ex200
HWTotolinkwszystkie wersjeTotolink Ex200 Firmware
OSTotolink4.0.3c.7646_b20201211
Related vulnerabilities
RCE w TOTOLINK EX200 poprzez parametr hostTime w funkcji NTPSyncWithHost
TOTOLINK EX200 – nieautoryzowany dostęp do pliku konfiguracyjnego
The downloadFlile.cgi binary file in TOTOLINK EX200 V4.0.3c.7646_B20201211 has a command injection vulnerabili...
A vulnerability classified as critical has been found in TOTOLINK EX200 4.0.3c.7646_B20201211. Affected is the...
A vulnerability classified as critical was found in TOTOLINK EX200 4.0.3c.7646_B20201211. Affected by this vul...