Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Thu, 09 Jul 2026 21:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A security vulnerability has been detected in TOTOLINK A3000RU, A3100R, A950RG, AC1200T10, CP450, CS185R_T10 and EX200 up to 20260906. Affected by this issue is some unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. The manipulation leads to least privilege violation. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitation is known to be difficult. | |
| Title | TOTOLINK EX200 Web boa.conf least privilege violation | |
| First Time appeared |
Totolink
Totolink a3000ru Totolink a3100r Totolink a950rg Totolink ac1200t10 Totolink cp450 Totolink cs185r T10 Totolink ex200 |
|
| Weaknesses | CWE-266 CWE-272 |
|
| CPEs | cpe:2.3:a:totolink:a3000ru:*:*:*:*:*:*:*:* cpe:2.3:a:totolink:a3100r:*:*:*:*:*:*:*:* cpe:2.3:a:totolink:a950rg:*:*:*:*:*:*:*:* cpe:2.3:a:totolink:ac1200t10:*:*:*:*:*:*:*:* cpe:2.3:a:totolink:cp450:*:*:*:*:*:*:*:* cpe:2.3:a:totolink:cs185r_t10:*:*:*:*:*:*:*:* cpe:2.3:a:totolink:ex200:*:*:*:*:*:*:*:* |
|
| Vendors & Products |
Totolink
Totolink a3000ru Totolink a3100r Totolink a950rg Totolink ac1200t10 Totolink cp450 Totolink cs185r T10 Totolink ex200 |
|
| References |
|
|
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2026-07-09T21:30:10.629Z
Reserved: 2026-07-09T14:50:16.412Z
Link: CVE-2026-15271
No data.
No data.
No data.
OpenCVE Enrichment
No data.