A critical vulnerability has been discovered in TOTOLINK CP450 version 4.1.0cu.747_B20191224. This vulnerability affects an unknown part of the file /web_cste/cgi-bin/product.ini of the Telnet Service component. The issue stems from the use of a hard-coded password, which can be exploited remotely without any user interaction.
View the template here CVE-2024-7332.yaml
References:
https://github.com/abcdefg-png/IoT-vulnerable/blob/main/TOTOLINK/CP450/product.md