CVE-2022-36613 Totolink N600R v4.3.0cu7647 contains a hardcoded password for root at /etc/shadow.sample.

This can be leveraged by an attacker to gain super user access on the device.

Pierluigi Paganini

(Security Affairs — OT-TOTOLINK N600R V4.3.0cu.7647_B20210106, hacking)





A hardcoded password of “root” was discovered in the source code of OT-TOTOLINK N600R V4.3.0cu.7647_B20210106, which can be leveraged by a remote attacker to gain super user access to the device.

OT-TOTOLINK N600R V4.3.0cu.7647_B20210106 – Hacking and Physical Access

Due to the lack of security, OT-TOTOLINK N600R V4.3.0cu.7647_B20210106 could be hacked by an attacker who would gain super user access to the device and extract sensitive data from it.

Vulnerability Assessment

The vulnerability was not fixed in the latest firmware update of OT-TOTOLINK N600R V4.3.0cu.7647_B20210106, so it is still present in the device.

Summary of the Risk

This hardcoded password can be leveraged by a remote attacker to gain super user access on the device.

OT-TOTOLINK N600R V4.3.0cu.7647_B20210106: Remote Ping Access Vulnerability

The vulnerability exists in the application, which is a wireless router with a web interface.
The vulnerability was discovered by Pierluigi Paganini and can be exploited by an unauthenticated remote attacker to gain super user access to the device.

Timeline

Published on: 08/29/2022 00:15:00 UTC
Last modified on: 09/01/2022 18:51:00 UTC

References

• https://github.com/whiter6666/CVE/blob/main/TOTOLINK_N600R/hard_code.md
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36613