Security Advisory

CVE-2018-13313

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-02-24 18:16:17

Last updated 2024-08-05 09:00:34

Assigner mitre

State PUBLISHED

Description

In TOTOLINK A3002RU 1.0.8, the router provides a page that allows the user to change their account name and password. This page, password.htm, contains JavaScript which is used to confirm the user knows their current password before allowing them to change their password. However, this JavaScript contains the current user’s password in plaintext.

← Browse all CVEs View on cve.org ↗