Predictable Session ID in Totolink A3100R V5.9c.4577
by KVS
Description
The SESSION_ID is predictable. An attacker can hijack a valid session and conduct further malicious operations.
Affected version
Totolink A3100R V5.9c.4577
Root Cause Analysis
Missing Authentication for Critical Function in Totolink A3100R V5.9c.4577
by KVS
Description
Multiple pages can be read with curl or Burp Suite without authentication. Additionally, admin configurations can be set without cookies, and an attacker can enable telnet and log in as root with a shell.
Affected version
Totolink A3100R V5.9c.4577
Root Cause Analysis
Telnet Hard-coded Password in Totolink A3100R V5.9c.4577
by KVS
Description
The hard-coded telnet password can be discovered from the officially released firmware. An attacker who has connected to the Wi-Fi can easily telnet into the target with a root shell if the telnet function is turned on.
Affected version
Totolink A3100R V5.9c.4577
Root Cause Analysis
Command Injection in Totolink A3100R V5.9c.4577
by KVS
Description
The backend of a page executes the "ping" command, and the input field does not adequately filter special symbols. This can lead to command injection attacks.
Affected version
Totolink A3100R V5.9c.4577
Root Cause Analysis
Test page exists in Totolink A3100R V5.9c.4577
by KVS
Description
Missing Authentication for Critical Function. "test.asp" contains an API-like function, which is not authenticated. Using this function, an attacker can configure multiple settings without authentication.
Affected version
Totolink A3100R V5.9c.4577
Root Cause Analysis