CVE-2024-1661
CVE-2024-1661 is a low-severity vulnerability in Totolink X6000r Firmware with a CVSS 3.x base score of 2.5. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low. The underlying weakness is classified as CWE-798.
Key facts
- Severity: Low (CVSS 3.x base score 2.5)
- CVSS v2: 1.0
- EPSS exploit prediction: 0% (23rd percentile)
- Actively exploited: Not listed in CISA KEV
- EU (EUVD) id: EUVD-2024-17396
- Weakness: CWE-798
- Affected product: Totolink X6000r Firmware
- Published:
- Last modified:
Description
A vulnerability classified as problematic was found in Totolink X6000R 9.4.0cu.852_B20230719. Affected by this vulnerability is an unknown functionality of the file /etc/shadow. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-254179. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Frequently asked questions
- What is CVE-2024-1661?
- A vulnerability classified as problematic was found in Totolink X6000R 9.4.0cu.852_B20230719. Affected by this vulnerability is an unknown functionality of the file /etc/shadow. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the local host. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-254179. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
- How severe is CVE-2024-1661?
- CVE-2024-1661 has a CVSS 3.x base score of 2.5, rated low severity. It is exploitable over local access with high attack complexity, requires low privileges and no user interaction. Impact on confidentiality is low, integrity none, and availability none.
- Is CVE-2024-1661 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (23rd percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2024-1661?
- CVE-2024-1661 affects Totolink X6000r Firmware. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2024-1661?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- Does CVE-2024-1661 have an EU (EUVD) identifier?
- Yes. CVE-2024-1661 is tracked in the ENISA EU Vulnerability Database (EUVD) as EUVD-2024-17396.
- When was CVE-2024-1661 published?
- CVE-2024-1661 was published on 2024-02-20 and last updated on 2026-06-17.
References
- https://github.com/WoodManGitHub/MyCVEs/blob/main/2024-Totolink/X6000R-Hardcoded-Password.md
- https://vuldb.com/?ctiid.254179
- https://vuldb.com/?id.254179
Affected products (1)
- cpe:2.3:o:totolink:x6000r_firmware:9.4.0cu.852_b20230719:*:*:*:*:*:*:*
More vulnerabilities in Totolink X6000r Firmware
- CVE-2025-11005 — Critical (CVSS 9.8): Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TOTOLINK…
- CVE-2025-52906 — Critical (CVSS 9.8): Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TOTOLINK…
- CVE-2025-52053 — Critical (CVSS 9.8): TOTOLINK X6000R V9.4.0cu.1360_B20241207 was found to contain a command injection vulnerability in the sub_417D74…
- CVE-2024-52723 — Critical (CVSS 9.8): In TOTOLINK X6000R V9.4.0cu.1041_B20240224 in the shttpd file, the Uci_Set Str function is used without strict…
- CVE-2023-52040 — Critical (CVSS 9.8): An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows attackers to run arbitrary commands via the…
- CVE-2023-52039 — Critical (CVSS 9.8): An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows attackers to run arbitrary commands via the…
All CVEs affecting Totolink X6000r Firmware →
Other CWE-798 (Use of Hard-coded Credentials) vulnerabilities
- CVE-2026-13768 — Critical (CVSS 10.0): Gardyn devices expose a privileged iothubowner key. Access to this key will allow a malicious user to invoke an IoTHub…
- CVE-2026-45631 — Critical (CVSS 10.0): Dokploy is a free, self-hostable Platform as a Service (PaaS). From 0.27.0 to before 0.29.3, a hardcoded…
- CVE-2026-22769 — Critical (CVSS 10.0): Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability.…
- CVE-2025-42890 — Critical (CVSS 10.0): SQL Anywhere Monitor (Non-GUI) baked credentials into the code,exposing the resources or functionality to unintended…
- CVE-2025-7503 — Critical (CVSS 10.0): An OEM IP camera manufactured by Shenzhen Liandian Communication Technology LTD exposes a Telnet service (port 23) with…
- CVE-2025-20309 — Critical (CVSS 10.0): A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session…
Browse all CWE-798 (Use of Hard-coded Credentials) vulnerabilities →