Summary: Password disclosure in password.htm in TOTOLINK A3002RU version 1.0.8 allows attackers to obtain the plaintext password for the admin user by making a GET request for password.htm.Published: Monday, November 26, 2018 - 18:29cvss: