Skip to main content

A3100R

1 CVEs product

Monthly

CVE-2026-15271 HIGH This Week

Least-privilege violation across multiple TOTOLINK SOHO router models (A3000RU, A3100R, A950RG, AC1200T10, CP450, CS185R_T10, EX200 through firmware 20260906) stems from the /etc/boa/boa.conf configuration of the Boa web-server interface, allowing a low-privileged remote actor to gain access or information beyond their intended authorization boundary. The flaw carries CVSS 4.0 base score 7.7 with high attack complexity, and VulDB rates real-world exploitation as difficult. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Information Disclosure A3000Ru A3100R A950Rg Ac1200T10 +3
NVD VulDB
CVSS 4.0
7.7
EPSS
0.4%
EPSS 0% CVSS 7.7
HIGH This Week

Least-privilege violation across multiple TOTOLINK SOHO router models (A3000RU, A3100R, A950RG, AC1200T10, CP450, CS185R_T10, EX200 through firmware 20260906) stems from the /etc/boa/boa.conf configuration of the Boa web-server interface, allowing a low-privileged remote actor to gain access or information beyond their intended authorization boundary. The flaw carries CVSS 4.0 base score 7.7 with high attack complexity, and VulDB rates real-world exploitation as difficult. There is no public exploit identified at time of analysis and it is not listed in CISA KEV.

Information Disclosure A3000Ru A3100R +5
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy