Vulnerabilites related to tp-link - mr3420_firmware
cve-2020-35575
Vulnerability from cvelistv5
Published
2020-12-26 02:02
Modified
2024-08-04 17:09
Severity ?
EPSS score ?
Summary
A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.tp-link.com/us/security | x_refsource_MISC | |
| https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot%28201211%29.zip | x_refsource_MISC | |
| https://pastebin.com/F8AuUdck | x_refsource_MISC | |
| http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:09:13.414Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.tp-link.com/us/security", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot%28201211%29.zip", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://pastebin.com/F8AuUdck", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-24T19:06:16", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.tp-link.com/us/security", }, { tags: [ "x_refsource_MISC", ], url: "https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot%28201211%29.zip", }, { tags: [ "x_refsource_MISC", ], url: "https://pastebin.com/F8AuUdck", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-35575", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.tp-link.com/us/security", refsource: "MISC", url: "https://www.tp-link.com/us/security", }, { name: "https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot(201211).zip", refsource: "MISC", url: "https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot(201211).zip", }, { name: "https://pastebin.com/F8AuUdck", refsource: "MISC", url: "https://pastebin.com/F8AuUdck", }, { name: "http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-35575", datePublished: "2020-12-26T02:02:45", dateReserved: "2020-12-20T00:00:00", dateUpdated: "2024-08-04T17:09:13.414Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Published
2020-12-26 02:15
Modified
2024-11-21 05:27
Severity ?
Summary
A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wa901nd_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "78454764-D995-4121-B5D4-7EB8D2D25C56", versionEndExcluding: "3.16.9\\(201211\\)_beta", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wa901nd:-:*:*:*:*:*:*:*", matchCriteriaId: "3D360D3B-C006-4678-9D2A-2F8B133D8A51", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:archer_c5_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C29C27F0-386F-46C7-A2FA-2ADE81887ABA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:archer_c5:-:*:*:*:*:*:*:*", matchCriteriaId: "C25DA417-60F3-4E78-A770-709E4FF04504", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:archer_c7_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C56C283F-CEB9-4DB9-B7F7-3F3C01E8BDDB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:archer_c7:-:*:*:*:*:*:*:*", matchCriteriaId: "DEDC2B7F-FB5F-4EFF-B928-98CA250CB7A6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:mr3420_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "8F596DB1-A414-4528-A075-AEB9B4C9A836", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:mr3420:-:*:*:*:*:*:*:*", matchCriteriaId: "7DE2F6C3-F312-489B-9688-3425D5F70B7B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:mr6400_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "108C6248-A5AA-4C55-8DD3-6355C1423DA2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:mr6400:-:*:*:*:*:*:*:*", matchCriteriaId: "F28ABF89-111A-49E0-9FCF-88C73A49D4B5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wa701nd_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6898D0DA-977C-4274-AFE7-15949075EBF0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wa701nd:-:*:*:*:*:*:*:*", matchCriteriaId: "927C2347-E983-4B56-8CEE-C38E983F5527", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wa801nd_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "CD656094-A2F9-4E51-9011-2D36EB668BBC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wa801nd:-:*:*:*:*:*:*:*", matchCriteriaId: "D6B1E54A-036A-4B0B-AB37-B68651234D9F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wdr3500_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E4A6B2A9-E063-459B-AE3B-4F54591DA0FF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wdr3500:-:*:*:*:*:*:*:*", matchCriteriaId: "DBBD8E7C-A05F-4F61-B91C-2228B1B7C989", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wdr3600_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "EA0B6B6A-89C6-4AB5-AD7E-5B22A5A767A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wdr3600:-:*:*:*:*:*:*:*", matchCriteriaId: "28E797DA-B428-439E-A31C-B4E6B3BB2180", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:we843n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "BFE110E1-D900-4A89-80F7-3B70227BCF74", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:we843n:-:*:*:*:*:*:*:*", matchCriteriaId: "2C3338F5-B1BF-4B18-A725-544F4D90BD8F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wr1043nd_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "94301AEF-B801-4BE4-AD8F-ED732680461C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wr1043nd:-:*:*:*:*:*:*:*", matchCriteriaId: "C8079B0F-1061-4DA1-B43D-1CDDB60D6DC5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wr1045nd_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "5372D0C1-B2A8-4A83-BB88-3C3D97C4C5BB", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wr1045nd:-:*:*:*:*:*:*:*", matchCriteriaId: "E2F5D576-CC51-4D18-B9FC-75496CFB85EC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wr740n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "4CE51163-C290-4C5D-A187-5AC3933CCD93", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wr740n:-:*:*:*:*:*:*:*", matchCriteriaId: "FF514269-E922-4F2B-9A14-B99AA66C5BDE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wr741nd_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0DCD1B98-1A1F-45CF-AD3A-78F45E8D14F9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wr741nd:-:*:*:*:*:*:*:*", matchCriteriaId: "87251418-A84D-4BA2-A016-349E980BD04E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wr749n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3850BA2F-EE3C-4C44-A26F-353E46E40077", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wr749n:-:*:*:*:*:*:*:*", matchCriteriaId: "E290F2A8-C798-49F7-A560-CCEC8BCF3861", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wr802n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "91EF60F7-D1B5-4A21-97C1-91E902CD02D1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wr802n:-:*:*:*:*:*:*:*", matchCriteriaId: "02D02C2D-AEF5-4B53-AA4F-43884D604F7A", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wr840n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3E3355F6-8EAF-43DD-A946-7492C63E2805", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wr840n:-:*:*:*:*:*:*:*", matchCriteriaId: "1D05124E-DAD8-4F65-804C-4BBD0AA2637F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wr841hp_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6B88EDFD-0DFF-43C6-99BE-73EB321016EC", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wr841hp:-:*:*:*:*:*:*:*", matchCriteriaId: "B0C9B9EA-D52D-47E5-841F-279CA21C5992", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wr841n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3885AABC-674C-4C11-8749-20949AD3A9D0", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wr841n:-:*:*:*:*:*:*:*", matchCriteriaId: "FFE54BD8-2B60-41D1-B9A7-7DF60E855120", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wr842n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0C871979-0156-4BEB-AFB2-976D8213D6A9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wr842n:-:*:*:*:*:*:*:*", matchCriteriaId: "89313A6F-A222-490E-9A31-2E4E71B4F789", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wr842nd_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "0B1D5E20-2D4D-4CBC-A97A-F6AB52575049", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wr842nd:-:*:*:*:*:*:*:*", matchCriteriaId: "EDE2A50B-197D-4FBE-980E-775D5947FF5C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wr845n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "DE2B244B-B379-4FAE-B9A2-2A0B7E6F068E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wr845n:-:*:*:*:*:*:*:*", matchCriteriaId: "57E0FBB1-8836-4F77-BB29-E332073F90FE", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wr940n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "B954DE5B-3D99-43B6-8BC2-67E37581E911", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wr940n:-:*:*:*:*:*:*:*", matchCriteriaId: "839BE14B-F80C-4788-94ED-E6D7FC3BE290", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wr941hp_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "C584EB85-EC07-44BE-A7F3-EF164955670A", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wr941hp:-:*:*:*:*:*:*:*", matchCriteriaId: "EBC75F36-DD1D-4152-9583-105C1BDC6A2D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wr945n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2423E4EB-547B-47C2-9238-47428375BD97", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wr945n:-:*:*:*:*:*:*:*", matchCriteriaId: "BC3F2019-E1AB-4EEA-951F-1C9EEFE52506", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wr949n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "E3A83783-C56D-49F9-8D81-69D2C5AB3633", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wr949n:-:*:*:*:*:*:*:*", matchCriteriaId: "71BA5B32-2AA9-4462-BFF5-AF4958CDDCE9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:wrd4300_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "03F3ABE3-5679-4898-8C72-C084FC4D9DD9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:wrd4300:-:*:*:*:*:*:*:*", matchCriteriaId: "42E905BF-2020-44B3-A742-8E50A0DE1373", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices.", }, { lang: "es", value: "Un problema de divulgación de contraseña en la interfaz web de determinados dispositivos TP-Link permite a un atacante remoto obtener acceso administrativo completo al panel web. Esto afecta a los dispositivos WA901ND versiones anteriores a 3.16.9(201211) beta, y los dispositivos Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR840249N, WR840249N, Dispositivos WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N y WRD4300", }, ], id: "CVE-2020-35575", lastModified: "2024-11-21T05:27:36.917", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-12-26T02:15:12.870", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://pastebin.com/F8AuUdck", }, { source: "cve@mitre.org", url: "https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot%28201211%29.zip", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.tp-link.com/us/security", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://pastebin.com/F8AuUdck", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot%28201211%29.zip", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.tp-link.com/us/security", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }