How severe is CVE-2024-7155?

This vulnerability has a severity rating of LOW with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2024-7155?

This is classified as CWE-259, which is a common weakness in software security.

CVE-2024-7155 - LOW Severity | CVSS 4.7

Vulnerability Description

A vulnerability has been found in TOTOLINK A3300R 17.0.0cu.557_B20221024 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-272569 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2024-33867

MEDIUM

CVSS:4.8(Medium)

An issue was discovered in linqi before 1.4.0.1 on Windows. There is a hardcoded password salt.

CWE-2592024

CVE-2022-27172

MEDIUM

CVSS:4.3(Medium)

A hard-coded password vulnerability exists in the console infactory functionality of InHand Networks InRouter302 V3.5.37. A specially-crafted network request can lead to privileged operation execution...

CWE-2592022

CVE-2023-29103

MEDIUM

CVSS:4.3(Medium)

A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC712 (All versions < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= ...

CWE-2592023

CVE-2024-2197

LOW

CVSS:4.3(Medium)

The Chirp Access app contains a hard-coded password, BEACON_PASSWORD. An attacker within Bluetooth range could change configuration settings within the Bluetooth beacon, effectively disabling the appl...

CWE-2592024

CVE-2024-26196

MEDIUM

CVSS:4.3(Medium)

Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability

CWE-2592024

CVE-2025-2556

MEDIUM

CVSS:4.3(Medium)

A vulnerability classified as problematic was found in Audi UTR Dashcam 2.0. Affected by this vulnerability is an unknown functionality of the component Video Stream Handler. The manipulation leads to...

CWE-2592025