Sensitive Data: TOTOLINK N150RT - Password Exposure¶

Identifier: totolink_n150rt_password_exposure

Scanner(s) Support¶

GraphQL Scanner	REST Scanner	WebApp Scanner	ASM Scanner

Description¶

TOTOLINK N150RT routers expose sensitive credentials in the password.htm page, potentially allowing unauthorized access to router configuration.

How we test: We test for password exposure vulnerabilities in TOTOLINK N150RT routers by attempting to access password.htm pages and analyzing responses to detect if sensitive credentials are exposed.

Reference:

https://github.com/fizz-is-on-the-way/Iot_vuls/blob/main/N150RT/Information_disclosure_password/imgs/2.png

Configuration¶

Example¶

Example configuration:

---
security_tests:
  totolink_n150rt_password_exposure:
    skip: false

Reference¶

`skip`¶

Type : boolean

Skip the test if true.