Vulnerabilites related to tp-link - tl-wr841n_firmware
Vulnerability from fkie_nvd
Published
2014-09-30 14:55
Modified
2025-04-12 10:46
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the TP-LINK TL-WR841N router with firmware 3.13.9 Build 120201 Rel.54965n and earlier allow remote administrators to inject arbitrary web script or HTML via the (1) username or (2) pwd parameter to userRpm/NoipDdnsRpm.htm.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr841n_firmware | * | |
| tp-link | tl-wr841n | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "12B0CF34-5A62-4D58-A82F-EB1049472670", versionEndIncluding: "3.13.9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:-:*:*:*:*:*:*:*", matchCriteriaId: "AD44582F-0CC5-4A71-8FE8-2BEF65EB717E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple cross-site scripting (XSS) vulnerabilities in the TP-LINK TL-WR841N router with firmware 3.13.9 Build 120201 Rel.54965n and earlier allow remote administrators to inject arbitrary web script or HTML via the (1) username or (2) pwd parameter to userRpm/NoipDdnsRpm.htm.", }, { lang: "es", value: "Múltiples vulnerabilidades de XSS en el router TP-LINK TL-WR841N con firmware 3.13.9 Build 120201 Rel.54965n y anteriores permiten a administradores remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro (1) username o (2) pwd en userRpm/NoipDdnsRpm.htm.", }, ], id: "CVE-2012-6316", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], }, published: "2014-09-30T14:55:07.970", references: [ { source: "cve@mitre.org", url: "http://seclists.org/fulldisclosure/2012/Dec/93", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/56602", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://seclists.org/fulldisclosure/2012/Dec/93", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/56602", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-01-26 18:15
Modified
2024-11-21 05:27
Severity ?
Summary
A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://jvn.jp/en/vu/JVNVU92444096/ | Patch, Third Party Advisory | |
| cve@mitre.org | https://www.tp-link.com/jp/support/download/tl-wr841n/v13/#Firmware | Patch, Vendor Advisory | |
| cve@mitre.org | https://www.tp-link.com/us/security | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://jvn.jp/en/vu/JVNVU92444096/ | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tp-link.com/jp/support/download/tl-wr841n/v13/#Firmware | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tp-link.com/us/security | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr841n_firmware | * | |
| tp-link | tl-wr841n | v13 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "8A4AEC5C-05C5-458A-8F69-45686EFD56DA", versionEndExcluding: "201216", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:v13:*:*:*:*:*:*:*", matchCriteriaId: "793E76A4-84C9-45DA-B9FE-85472C952F44", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577.", }, { lang: "es", value: "Un problema de Inyección de Comando en la funcionalidad traceroute en TP-Link TL-WR841N V13 (JP) con versiones de firmware anteriores a 201216, permite a usuarios autenticados ejecutar código arbitrario como root por medio de metacaracteres de shell, una vulnerabilidad diferente a CVE-2018-12577", }, ], id: "CVE-2020-35576", lastModified: "2024-11-21T05:27:37.137", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-01-26T18:15:54.223", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://jvn.jp/en/vu/JVNVU92444096/", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.tp-link.com/jp/support/download/tl-wr841n/v13/#Firmware", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.tp-link.com/us/security", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://jvn.jp/en/vu/JVNVU92444096/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.tp-link.com/jp/support/download/tl-wr841n/v13/#Firmware", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.tp-link.com/us/security", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-07-14 14:15
Modified
2024-11-21 07:02
Severity ?
Summary
A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841N(EU)_V12_160624 and TL-WR841 V11 TL-WR841N(EU)_V11_160325 , TL-WR841N_V11_150616 and TL-WR841 V10 TL-WR841N_V10_150310 are also affected.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://tl-wr841.com | Broken Link, URL Repurposed | |
| cve@mitre.org | http://tp-link.com | Vendor Advisory | |
| cve@mitre.org | https://pastebin.com/0XRFr3zE | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tl-wr841.com | Broken Link, URL Repurposed | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tp-link.com | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://pastebin.com/0XRFr3zE | Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr841_firmware | - | |
| tp-link | tl-wr841 | 10 | |
| tp-link | tl-wr841 | 11 | |
| tp-link | tl-wr841 | 12 | |
| tp-link | tl-wr841n_firmware | 3.16.9 | |
| tp-link | tl-wr841n | 12 | |
| tp-link | tl-wr841n\(eu\)_firmware | 160325 | |
| tp-link | tl-wr841n\(eu\) | 11 | |
| tp-link | tl-wr841n_firmware | 150616 | |
| tp-link | tl-wr841n | 11 | |
| tp-link | tl-wr841n_firmware | 150310 | |
| tp-link | tl-wr841n | 10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "44B31977-DF82-44D4-B86D-06811BAD44EA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841:10:*:*:*:*:*:*:*", matchCriteriaId: "1D0FF223-7AE0-4423-B291-A5E3624FE2E0", vulnerable: false, }, { criteria: "cpe:2.3:h:tp-link:tl-wr841:11:*:*:*:*:*:*:*", matchCriteriaId: "71CC9729-8915-4D0E-B1BC-63D494EEA021", vulnerable: false, }, { criteria: "cpe:2.3:h:tp-link:tl-wr841:12:*:*:*:*:*:*:*", matchCriteriaId: "6C94F6B3-2160-4F2D-AFA4-B540AA3B7193", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:3.16.9:*:*:*:*:*:*:*", matchCriteriaId: "B81E723C-539A-41E7-8486-A8263E9491F5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:12:*:*:*:*:*:*:*", matchCriteriaId: "E855A3D8-9968-4DF9-890D-62028472A11B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n\\(eu\\)_firmware:160325:*:*:*:*:*:*:*", matchCriteriaId: "1F581106-3805-44B4-81B6-9C30D02DE3B6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n\\(eu\\):11:*:*:*:*:*:*:*", matchCriteriaId: "F57BBF8C-693B-4249-8ACF-1FEE55D777D5", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:150616:*:*:*:*:*:*:*", matchCriteriaId: "D129F04E-E5E0-47C8-82DF-4B782306BC9E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:11:*:*:*:*:*:*:*", matchCriteriaId: "508A2761-3DB2-4973-8B9C-22BE876EE987", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:150310:*:*:*:*:*:*:*", matchCriteriaId: "8CB29067-7290-4B39-ABF8-4805BAF78804", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:10:*:*:*:*:*:*:*", matchCriteriaId: "605FA887-700C-4A7E-A253-E672D5554737", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841N(EU)_V12_160624 and TL-WR841 V11 TL-WR841N(EU)_V11_160325 , TL-WR841N_V11_150616 and TL-WR841 V10 TL-WR841N_V10_150310 are also affected.", }, { lang: "es", value: "Un desbordamiento de búfer en el demonio httpd en los dispositivos TP-Link TL-WR841N V12 (versión de firmware 3.16.9) permite a un atacante remoto autenticado ejecutar código arbitrario por medio de una petición GET a la página de Herramientas del sistema de la red Wi-Fi. Esto afecta a los dispositivos TL-WR841 V12 TL-WR841N(EU)_V12_160624 y TL-WR841 V11 TL-WR841N(EU)_V11_160325 , TL-WR841N_V11_150616 y TL-WR841 V10 TL-WR841N_V10_150310 también están afectados", }, ], id: "CVE-2022-30024", lastModified: "2024-11-21T07:02:05.870", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-07-14T14:15:13.277", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", "URL Repurposed", ], url: "http://tl-wr841.com", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://tp-link.com", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://pastebin.com/0XRFr3zE", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "URL Repurposed", ], url: "http://tl-wr841.com", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://tp-link.com", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://pastebin.com/0XRFr3zE", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-10-18 13:15
Modified
2024-11-21 07:24
Severity ?
Summary
TP-Link TL-WR841N 8.0 4.17.16 Build 120201 Rel.54750n is vulnerable to Cross Site Scripting (XSS).
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://www.yuque.com/docs/share/b85b8c6f-60ea-4d5c-acc5-3c4285806328 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.yuque.com/docs/share/b85b8c6f-60ea-4d5c-acc5-3c4285806328 | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr841n_firmware | 4.17.16_build_120201_rel.54750n | |
| tp-link | tl-wr841n | 8.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:4.17.16_build_120201_rel.54750n:*:*:*:*:*:*:*", matchCriteriaId: "296E9677-0322-40BA-939F-684EBA3B5385", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:8.0:*:*:*:*:*:*:*", matchCriteriaId: "D1520C26-52D3-46E6-B11B-89C4085DDF23", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link TL-WR841N 8.0 4.17.16 Build 120201 Rel.54750n is vulnerable to Cross Site Scripting (XSS).", }, { lang: "es", value: "TP-Link TL-WR841N versión 8.0 4.17.16 Build 120201 Rel.54750n, es vulnerable a un ataque de tipo Cross Site Scripting (XSS)", }, ], id: "CVE-2022-42202", lastModified: "2024-11-21T07:24:31.490", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 6.1, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "CHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 2.7, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-10-18T13:15:10.587", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.yuque.com/docs/share/b85b8c6f-60ea-4d5c-acc5-3c4285806328", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://www.yuque.com/docs/share/b85b8c6f-60ea-4d5c-acc5-3c4285806328", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-79", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-07 04:15
Modified
2025-01-07 15:15
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm .
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2492A6CA-DFF1-42DC-8800-4A66D8943C33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr940n:2.0:*:*:*:*:*:*:*", matchCriteriaId: "68707068-83D6-460C-9107-1B86FC95F6DC", vulnerable: false, }, { criteria: "cpe:2.3:h:tp-link:tl-wr940n:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6212F19C-E507-43BC-B3F0-7DDABB84BE20", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F7F95370-1001-4194-A0CB-B3CEA027AB6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:8.0:*:*:*:*:*:*:*", matchCriteriaId: "D1520C26-52D3-46E6-B11B-89C4085DDF23", vulnerable: false, }, { criteria: "cpe:2.3:h:tp-link:tl-wr841n:10.0:*:*:*:*:*:*:*", matchCriteriaId: "694B53D1-8714-4678-A9CF-51FF230C8BC4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr740n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "13CA99B0-BE20-4850-9D5E-2CC6020C4775", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr740n:1.0:*:*:*:*:*:*:*", matchCriteriaId: "6284AB5D-17FD-411B-99A1-948434193041", vulnerable: false, }, { criteria: "cpe:2.3:h:tp-link:tl-wr740n:2.0:*:*:*:*:*:*:*", matchCriteriaId: "5E7D2E14-77D8-4534-BBD1-D52ADA5B175F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm .", }, { lang: "es", value: "Se ha descubierto que TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, y TL-WR740N V1/V2 contienen una vulnerabilidad de inyección de comandos en el componente /userRpm/WlanNetworkRpm.", }, ], id: "CVE-2023-33538", lastModified: "2025-01-07T15:15:08.190", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-06-07T04:15:10.623", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/3/TL-WR940N_TL-WR841N_userRpm_WlanNetworkRpm_Command_Injection.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/3/TL-WR940N_TL-WR841N_userRpm_WlanNetworkRpm_Command_Injection.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-77", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-77", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2018-07-02 16:29
Modified
2024-11-21 03:45
Severity ?
Summary
TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://software-talk.org/blog/2018/04/tplink-wr841n-clickjacking-https/ | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://software-talk.org/blog/2018/04/tplink-wr841n-clickjacking-https/ | Broken Link, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr841n_firmware | 0.9.1_4.16 | |
| tp-link | tl-wr841n | 13.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:0.9.1_4.16:*:*:*:*:*:*:*", matchCriteriaId: "DFC9F2FC-5E8B-4EE2-9B51-5F6A061E72B1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:13.0:*:*:*:*:*:*:*", matchCriteriaId: "F8E3FFDF-5026-4037-BF2F-0BF5D3E7EB26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking.", }, { lang: "es", value: "Los dispositivos TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n permiten el secuestro de clicks.", }, ], id: "CVE-2018-12576", lastModified: "2024-11-21T03:45:27.917", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 4.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-07-02T16:29:00.520", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://software-talk.org/blog/2018/04/tplink-wr841n-clickjacking-https/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://software-talk.org/blog/2018/04/tplink-wr841n-clickjacking-https/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-1021", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-07-02 16:29
Modified
2024-11-21 03:45
Severity ?
Summary
On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web interface are affected by bypass of authentication via an HTTP request.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://software-talk.org/blog/2018/06/tplink-wr841n-broken-auth-cve-2018-12575/ | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://software-talk.org/blog/2018/06/tplink-wr841n-broken-auth-cve-2018-12575/ | Broken Link, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr841n_firmware | 0.9.1_4.16 | |
| tp-link | tl-wr841n | 13.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:0.9.1_4.16:*:*:*:*:*:*:*", matchCriteriaId: "DFC9F2FC-5E8B-4EE2-9B51-5F6A061E72B1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:13.0:*:*:*:*:*:*:*", matchCriteriaId: "F8E3FFDF-5026-4037-BF2F-0BF5D3E7EB26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web interface are affected by bypass of authentication via an HTTP request.", }, { lang: "es", value: "En dispositivos TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n, todas las acciones en la interfaz web se han visto afectadas por una omisión de autenticación mediante una petición HTTP.", }, ], id: "CVE-2018-12575", lastModified: "2024-11-21T03:45:27.770", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-07-02T16:29:00.490", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://software-talk.org/blog/2018/06/tplink-wr841n-broken-auth-cve-2018-12575/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://software-talk.org/blog/2018/06/tplink-wr841n-broken-auth-cve-2018-12575/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-287", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-12-20 20:15
Modified
2024-11-21 07:31
Severity ?
Summary
An issue in the firmware update process of TP-Link TL-WR841N / TL-WA841ND V7 3.13.9 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr841n_firmware | * | |
| tp-link | tl-wr841n | - | |
| tp-link | tl-wr841nd_v7_firmware | * | |
| tp-link | tl-wr841nd_v7 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "12B0CF34-5A62-4D58-A82F-EB1049472670", versionEndIncluding: "3.13.9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:-:*:*:*:*:*:*:*", matchCriteriaId: "AD44582F-0CC5-4A71-8FE8-2BEF65EB717E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841nd_v7_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "05F0D098-707E-430C-961E-C8C0A12AF8D6", versionEndIncluding: "3.13.9", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841nd_v7:-:*:*:*:*:*:*:*", matchCriteriaId: "771A5B04-A342-4160-9319-FB23B50D30BA", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue in the firmware update process of TP-Link TL-WR841N / TL-WA841ND V7 3.13.9 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.", }, { lang: "es", value: "Un problema en el proceso de actualización de firmware de TP-Link TL-WR841N / TL-WA841ND V7 3.13.9 y anteriores permite a atacantes ejecutar código arbitrario o provocar una Denegación de Servicio (DoS) mediante la carga de una imagen de firmware manipulada.", }, ], id: "CVE-2022-46912", lastModified: "2024-11-21T07:31:18.107", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-12-20T20:15:11.080", references: [ { source: "cve@mitre.org", url: "https://hackmd.io/%40slASVrz_SrW7NQCsunofeA/Sk6sfbTPi", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.tp-link.com/us/press/security-advisory/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://hackmd.io/%40slASVrz_SrW7NQCsunofeA/Sk6sfbTPi", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.tp-link.com/us/press/security-advisory/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-22 20:15
Modified
2024-12-10 21:15
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR940N V2/V3 and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/QoSRuleListRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr940n_firmware | - | |
| tp-link | tl-wr940n | v4 | |
| tp-link | tl-wr841n_firmware | - | |
| tp-link | tl-wr841n | v8 | |
| tp-link | tl-wr841n_firmware | - | |
| tp-link | tl-wr841n | v10 | |
| tp-link | tl-wr940n_firmware | - | |
| tp-link | tl-wr940n | v2 | |
| tp-link | tl-wr940n_firmware | - | |
| tp-link | tl-wr940n | v3 | |
| tp-link | tl-wr941nd_firmware | - | |
| tp-link | tl-wr941nd | v5 | |
| tp-link | tl-wr941nd_firmware | - | |
| tp-link | tl-wr941nd | v6 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2492A6CA-DFF1-42DC-8800-4A66D8943C33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr940n:v4:*:*:*:*:*:*:*", matchCriteriaId: "2537DC7E-8024-45B5-924C-18C9B702DAFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F7F95370-1001-4194-A0CB-B3CEA027AB6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:v8:*:*:*:*:*:*:*", matchCriteriaId: "2F9738A0-4CC4-4C8C-A4BA-843395B0AA55", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F7F95370-1001-4194-A0CB-B3CEA027AB6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:v10:*:*:*:*:*:*:*", matchCriteriaId: "BDC4230D-3A3A-4D0E-BBD3-79C3054E90F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2492A6CA-DFF1-42DC-8800-4A66D8943C33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr940n:v2:*:*:*:*:*:*:*", matchCriteriaId: "029B4B03-94CE-41FF-A635-41682AE4B26D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2492A6CA-DFF1-42DC-8800-4A66D8943C33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr940n:v3:*:*:*:*:*:*:*", matchCriteriaId: "DF722F24-7D43-4535-B013-545109CB1D98", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr941nd_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7600C377-2A63-4127-8958-32E04E7983CA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr941nd:v5:*:*:*:*:*:*:*", matchCriteriaId: "1B0FC0E0-6C5B-49CA-95E3-D4AAC9D51518", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr941nd_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7600C377-2A63-4127-8958-32E04E7983CA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr941nd:v6:*:*:*:*:*:*:*", matchCriteriaId: "111123CC-8945-4BB2-AD6B-08E80B1A2AD6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR940N V2/V3 and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/QoSRuleListRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.", }, ], id: "CVE-2023-36359", lastModified: "2024-12-10T21:15:14.750", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-06-22T20:15:09.920", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/8/TP-Link%20TL-WR940N%20TL-WR841N%20TL-WR941ND%20wireless%20router%20userRpmQoSRuleListRpm%20buffer%20read%20out-of-bounds%20vulnerability.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/8/TP-Link%20TL-WR940N%20TL-WR841N%20TL-WR941ND%20wireless%20router%20userRpmQoSRuleListRpm%20buffer%20read%20out-of-bounds%20vulnerability.md", }, { source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/8/TP-Link%20TL-WR940N%20TL-WR841N%20TL-WR941ND%20wireless%20router%20userRpmQoSRuleListRpm%20buffer%20read%20out-of-bounds%20vulnerability.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-120", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-01-07 23:15
Modified
2024-11-21 04:31
Severity ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 80 by default. When parsing the Host request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length static buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-8457.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr841n_firmware | 0.9.1_4.16 | |
| tp-link | tl-wr841n | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:0.9.1_4.16:*:*:*:*:*:*:*", matchCriteriaId: "DFC9F2FC-5E8B-4EE2-9B51-5F6A061E72B1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:-:*:*:*:*:*:*:*", matchCriteriaId: "AD44582F-0CC5-4A71-8FE8-2BEF65EB717E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 80 by default. When parsing the Host request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length static buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-8457.", }, { lang: "es", value: "Esta vulnerabilidad permite a atacantes remotos ejecutar código arbitrario en las instalaciones afectadas de los routers TP-LINK TL-WR841N. No es requerida una autenticación para explotar esta vulnerabilidad. El fallo específico ocurre dentro del servicio web, que escucha sobre el puerto TCP 80 por defecto. Cuando se analiza el encabezado de petición Host, el proceso no comprueba apropiadamente la longitud de los datos suministrados por el usuario antes de copiarlos en un búfer estático de longitud fija. Un atacante puede aprovechar esta vulnerabilidad para ejecutar código en el contexto del usuario administrador. Fue ZDI-CAN-8457.", }, ], id: "CVE-2019-17147", lastModified: "2024-11-21T04:31:47.390", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "zdi-disclosures@trendmicro.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-01-07T23:15:10.967", references: [ { source: "zdi-disclosures@trendmicro.com", tags: [ "Product", ], url: "https://www.tp-link.com/us/support/download/tl-wr841n/#Firmware", }, { source: "zdi-disclosures@trendmicro.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-19-992/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://www.tp-link.com/us/support/download/tl-wr841n/#Firmware", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-19-992/", }, ], sourceIdentifier: "zdi-disclosures@trendmicro.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "zdi-disclosures@trendmicro.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-07-02 16:29
Modified
2024-11-21 03:45
Severity ?
Summary
The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://software-talk.org/blog/2018/06/tplink-wr841n-code-exec-cve-2018-12577/ | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://software-talk.org/blog/2018/06/tplink-wr841n-code-exec-cve-2018-12577/ | Broken Link, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr841n_firmware | 0.9.1_4.16 | |
| tp-link | tl-wr841n | 13.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:0.9.1_4.16:*:*:*:*:*:*:*", matchCriteriaId: "DFC9F2FC-5E8B-4EE2-9B51-5F6A061E72B1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:13.0:*:*:*:*:*:*:*", matchCriteriaId: "F8E3FFDF-5026-4037-BF2F-0BF5D3E7EB26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection.", }, { lang: "es", value: "Las funcionalidades Ping y Traceroute en dispositivos TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n permiten la inyección de comandos ciega autenticada.", }, ], id: "CVE-2018-12577", lastModified: "2024-11-21T03:45:28.050", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "PARTIAL", baseScore: 6.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:S/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-07-02T16:29:00.553", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://software-talk.org/blog/2018/06/tplink-wr841n-code-exec-cve-2018-12577/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://software-talk.org/blog/2018/06/tplink-wr841n-code-exec-cve-2018-12577/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-09-06 10:15
Modified
2024-11-21 08:09
Severity ?
Summary
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: TL-WR802N firmware versions prior to 'TL-WR802N(JP)_V4_221008', TL-WR841N firmware versions prior to 'TL-WR841N(JP)_V14_230506', and TL-WR902AC firmware versions prior to 'TL-WR902AC(JP)_V3_230506'.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr902ac_firmware | * | |
| tp-link | tl-wr902ac | - | |
| tp-link | tl-wr802n_firmware | * | |
| tp-link | tl-wr802n | - | |
| tp-link | tl-wr841n_firmware | * | |
| tp-link | tl-wr841n | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr902ac_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "3376E9AB-5749-4129-BF47-B9378E073B5A", versionEndExcluding: "230506", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr902ac:-:*:*:*:*:*:*:*", matchCriteriaId: "5541D281-8231-4724-BF9B-4E0FF61215A0", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr802n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "EC40A74F-6DCC-4DEB-A38F-D293BE80303F", versionEndExcluding: "221008", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr802n:-:*:*:*:*:*:*:*", matchCriteriaId: "2E1B4F55-1FCF-4557-A051-2EBC1414DD00", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "93ED2916-46C6-43BE-A163-4AC82874869A", versionEndExcluding: "230506", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:-:*:*:*:*:*:*:*", matchCriteriaId: "AD44582F-0CC5-4A71-8FE8-2BEF65EB717E", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: TL-WR802N firmware versions prior to 'TL-WR802N(JP)_V4_221008', TL-WR841N firmware versions prior to 'TL-WR841N(JP)_V14_230506', and TL-WR902AC firmware versions prior to 'TL-WR902AC(JP)_V3_230506'.", }, { lang: "es", value: "Múltiples productos TP-LINK permiten que un atacante no autenticado adyacente a la red ejecute comandos arbitrarios del sistema operativo. Los productos/versiones afectados son los siguientes: versiones de firmware del TL-WR802N anteriores a 'TL-WR802N(JP)_V4_221008', versiones de firmware del TL-WR841N anteriores a 'TL-WR841N(JP)_V14_230506' y versiones de firmware del TL-WR902AC anteriores a 'TL-WR902AC(JP)_V3_230506'.\n", }, ], id: "CVE-2023-36489", lastModified: "2024-11-21T08:09:49.150", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-09-06T10:15:13.710", references: [ { source: "vultures@jpcert.or.jp", tags: [ "Third Party Advisory", ], url: "https://jvn.jp/en/vu/JVNVU99392903/", }, { source: "vultures@jpcert.or.jp", tags: [ "Product", ], url: "https://www.tp-link.com/jp/support/download/tl-wr802n/#Firmware", }, { source: "vultures@jpcert.or.jp", tags: [ "Product", ], url: "https://www.tp-link.com/jp/support/download/tl-wr841n/v14/#Firmware", }, { source: "vultures@jpcert.or.jp", tags: [ "Product", ], url: "https://www.tp-link.com/jp/support/download/tl-wr902ac/#Firmware", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://jvn.jp/en/vu/JVNVU99392903/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://www.tp-link.com/jp/support/download/tl-wr802n/#Firmware", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://www.tp-link.com/jp/support/download/tl-wr841n/v14/#Firmware", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://www.tp-link.com/jp/support/download/tl-wr902ac/#Firmware", }, ], sourceIdentifier: "vultures@jpcert.or.jp", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-78", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-06-04 14:29
Modified
2024-11-21 03:43
Severity ?
Summary
An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of "Referer: http://192.168.0.1/mainFrame.htm" then no authentication is required for any action.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://blog.securelayer7.net/time-to-disable-tp-link-home-wifi-router/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.exploit-db.com/exploits/44781/ | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://blog.securelayer7.net/time-to-disable-tp-link-home-wifi-router/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.exploit-db.com/exploits/44781/ | Exploit, Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr840n_firmware | 0.9.1_3.16 | |
| tp-link | tl-wr840n | 5.0 | |
| tp-link | tl-wr841n_firmware | 0.9.1_4.16 | |
| tp-link | tl-wr841n | 13.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr840n_firmware:0.9.1_3.16:*:*:*:*:*:*:*", matchCriteriaId: "7B9385FA-268B-4968-ACB7-6571900D56FA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr840n:5.0:*:*:*:*:*:*:*", matchCriteriaId: "B2A8E1EF-87EB-4915-9E6E-0BF121AA9858", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:0.9.1_4.16:*:*:*:*:*:*:*", matchCriteriaId: "DFC9F2FC-5E8B-4EE2-9B51-5F6A061E72B1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:13.0:*:*:*:*:*:*:*", matchCriteriaId: "F8E3FFDF-5026-4037-BF2F-0BF5D3E7EB26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of \"Referer: http://192.168.0.1/mainFrame.htm\" then no authentication is required for any action.", }, { lang: "es", value: "Se ha descubierto un problema en los dispositivos TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n y TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n. Este problema viene provocado por una gestión incorrecta de sesiones en la carpeta /cgi/ o un archivo /cgi. Si un atacante envía una cabecera \"Referer: http://192.168.0.1/mainFrame.htm\", no se requiere autenticación para llevar a cabo cualquier tipo de acción.", }, ], id: "CVE-2018-11714", lastModified: "2024-11-21T03:43:52.910", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-06-04T14:29:00.500", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "http://blog.securelayer7.net/time-to-disable-tp-link-home-wifi-router/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/44781/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "http://blog.securelayer7.net/time-to-disable-tp-link-home-wifi-router/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "https://www.exploit-db.com/exploits/44781/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-384", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-02-09 23:15
Modified
2024-11-21 06:38
Severity ?
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router due to transmission of authentication information in cleartextbase64 format. Successful exploitation of this vulnerability could allow a remote attacker to intercept credentials and subsequently perform administrative operations on the affected device through web-based management interface.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr841n_firmware | 3.16.9 | |
| tp-link | tl-wr841n | 11 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:3.16.9:build160325_rel.62500n:*:*:*:*:*:*", matchCriteriaId: "B8EACBCC-F879-4BA0-B66D-79093935D3D7", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:11:*:*:*:*:*:*:*", matchCriteriaId: "508A2761-3DB2-4973-8B9C-22BE876EE987", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router due to transmission of authentication information in cleartextbase64 format. Successful exploitation of this vulnerability could allow a remote attacker to intercept credentials and subsequently perform administrative operations on the affected device through web-based management interface.", }, { lang: "es", value: "Se presenta una vulnerabilidad en el router inalámbrico TP-Link TL-WR841N versión V11 3.16.9 Build 160325 Rel.62500n, debido a una transmisión de información de autenticación en formato cleartextbase64. Una explotación con éxito de esta vulnerabilidad podría permitir a un atacante remoto interceptar las credenciales y posteriormente llevar a cabo operaciones administrativas en el dispositivo afectado mediante la interfaz de administración basada en web", }, ], id: "CVE-2022-0162", lastModified: "2024-11-21T06:38:02.873", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.5, impactScore: 5.9, source: "vdisclose@cert-in.org.in", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-02-09T23:15:16.513", references: [ { source: "vdisclose@cert-in.org.in", tags: [ "Third Party Advisory", ], url: "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2022-0068", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2022-0068", }, ], sourceIdentifier: "vdisclose@cert-in.org.in", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-319", }, ], source: "vdisclose@cert-in.org.in", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-319", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-07 04:15
Modified
2025-01-07 16:15
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Summary
TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/WlanMacFilterRpm.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2492A6CA-DFF1-42DC-8800-4A66D8943C33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr940n:2.0:*:*:*:*:*:*:*", matchCriteriaId: "68707068-83D6-460C-9107-1B86FC95F6DC", vulnerable: false, }, { criteria: "cpe:2.3:h:tp-link:tl-wr940n:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6212F19C-E507-43BC-B3F0-7DDABB84BE20", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F7F95370-1001-4194-A0CB-B3CEA027AB6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:8.0:*:*:*:*:*:*:*", matchCriteriaId: "D1520C26-52D3-46E6-B11B-89C4085DDF23", vulnerable: false, }, { criteria: "cpe:2.3:h:tp-link:tl-wr841n:10.0:*:*:*:*:*:*:*", matchCriteriaId: "694B53D1-8714-4678-A9CF-51FF230C8BC4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr740n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "13CA99B0-BE20-4850-9D5E-2CC6020C4775", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr740n:1.0:*:*:*:*:*:*:*", matchCriteriaId: "6284AB5D-17FD-411B-99A1-948434193041", vulnerable: false, }, { criteria: "cpe:2.3:h:tp-link:tl-wr740n:2.0:*:*:*:*:*:*:*", matchCriteriaId: "5E7D2E14-77D8-4534-BBD1-D52ADA5B175F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/WlanMacFilterRpm.", }, { lang: "es", value: "Se descubrió que TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10 y TL-WR740N V1/V2 contenían un desbordamiento de búfer a través del componente /userRpm/WlanMacFilterRpm.", }, ], id: "CVE-2023-33536", lastModified: "2025-01-07T16:15:31.153", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.2, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-06-07T04:15:10.467", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/2/TL-WR940N_TL-WR841N_TL-WR740N_userRpm_WlanMacFilterRpm.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/2/TL-WR940N_TL-WR841N_TL-WR740N_userRpm_WlanMacFilterRpm.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-22 20:15
Modified
2024-11-21 08:09
Severity ?
Summary
TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8, TL-WR941ND V5, and TL-WR740N V1/V2 were discovered to contain a buffer read out-of-bounds via the component /userRpm/VirtualServerRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr940n_firmware | - | |
| tp-link | tl-wr940n | v4 | |
| tp-link | tl-wr841n_firmware | - | |
| tp-link | tl-wr841n | v8 | |
| tp-link | tl-wr740n_firmware | - | |
| tp-link | tl-wr740n | v1 | |
| tp-link | tl-wr740n_firmware | - | |
| tp-link | tl-wr740n | v2 | |
| tp-link | tl-wr940n_firmware | - | |
| tp-link | tl-wr940n | v2 | |
| tp-link | tl-wr941nd_firmware | - | |
| tp-link | tl-wr941nd | v5 | |
| tp-link | tl-wr940n_firmware | - | |
| tp-link | tl-wr940n | v6 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2492A6CA-DFF1-42DC-8800-4A66D8943C33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr940n:v4:*:*:*:*:*:*:*", matchCriteriaId: "2537DC7E-8024-45B5-924C-18C9B702DAFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F7F95370-1001-4194-A0CB-B3CEA027AB6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:v8:*:*:*:*:*:*:*", matchCriteriaId: "2F9738A0-4CC4-4C8C-A4BA-843395B0AA55", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr740n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "13CA99B0-BE20-4850-9D5E-2CC6020C4775", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr740n:v1:*:*:*:*:*:*:*", matchCriteriaId: "89AF2EC8-F679-4A9D-BB1C-E3EABCC7A086", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr740n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "13CA99B0-BE20-4850-9D5E-2CC6020C4775", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr740n:v2:*:*:*:*:*:*:*", matchCriteriaId: "19CA5AB9-F342-4E8D-9658-569198DDE8F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2492A6CA-DFF1-42DC-8800-4A66D8943C33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr940n:v2:*:*:*:*:*:*:*", matchCriteriaId: "029B4B03-94CE-41FF-A635-41682AE4B26D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr941nd_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7600C377-2A63-4127-8958-32E04E7983CA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr941nd:v5:*:*:*:*:*:*:*", matchCriteriaId: "1B0FC0E0-6C5B-49CA-95E3-D4AAC9D51518", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2492A6CA-DFF1-42DC-8800-4A66D8943C33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr940n:v6:*:*:*:*:*:*:*", matchCriteriaId: "714E7A62-634A-4DF8-B5AF-D6B306808B54", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8, TL-WR941ND V5, and TL-WR740N V1/V2 were discovered to contain a buffer read out-of-bounds via the component /userRpm/VirtualServerRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.", }, ], id: "CVE-2023-36356", lastModified: "2024-11-21T08:09:35.277", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-22T20:15:09.780", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/4/TL-WR941ND_TL-WR940N_TL-WR740N_userRpm_VirtualServerRpm.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/4/TL-WR941ND_TL-WR940N_TL-WR740N_userRpm_VirtualServerRpm.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2013-01-26 21:55
Modified
2025-04-11 00:51
Severity ?
Summary
Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via the URL parameter.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cret@cert.org | http://www.kb.cert.org/vuls/id/185100 | US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/185100 | US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr841n_firmware | 3.13.9 | |
| tp-link | tl-wr841n | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:3.13.9:*:*:*:*:*:*:*", matchCriteriaId: "5DA3A384-7F8E-4B43-8F12-9C81EF409225", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:-:*:*:*:*:*:*:*", matchCriteriaId: "AD44582F-0CC5-4A71-8FE8-2BEF65EB717E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via the URL parameter.", }, { lang: "es", value: "Vulnerabilidad de salto de directorio en el interfaz de gestión web del router TP-LINK TL-WR841N router con firmware v3.13.9 build 120201 Rel.54965n y anteriores, permite a atacantes remotos leer ficheros arbitrarios a través de un parámetro en la URL.", }, ], id: "CVE-2012-6276", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-01-26T21:55:00.960", references: [ { source: "cret@cert.org", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/185100", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "US Government Resource", ], url: "http://www.kb.cert.org/vuls/id/185100", }, ], sourceIdentifier: "cret@cert.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2018-07-02 16:29
Modified
2024-11-21 03:45
Severity ?
Summary
CSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://software-talk.org/blog/2018/06/tplink-wr841n-csrf-cve-2018-12574/ | Broken Link, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://software-talk.org/blog/2018/06/tplink-wr841n-csrf-cve-2018-12574/ | Broken Link, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr841n_firmware | 0.9.1_4.16 | |
| tp-link | tl-wr841n | 13.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:0.9.1_4.16:*:*:*:*:*:*:*", matchCriteriaId: "DFC9F2FC-5E8B-4EE2-9B51-5F6A061E72B1", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:13.0:*:*:*:*:*:*:*", matchCriteriaId: "F8E3FFDF-5026-4037-BF2F-0BF5D3E7EB26", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "CSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices.", }, { lang: "es", value: "Existe CSRF para todas las acciones en la interfaz web en dispositivos TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n.", }, ], id: "CVE-2018-12574", lastModified: "2024-11-21T03:45:27.623", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-07-02T16:29:00.443", references: [ { source: "cve@mitre.org", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://software-talk.org/blog/2018/06/tplink-wr841n-csrf-cve-2018-12574/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Third Party Advisory", ], url: "https://software-talk.org/blog/2018/06/tplink-wr841n-csrf-cve-2018-12574/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-352", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-02-24 15:15
Modified
2024-11-21 06:51
Severity ?
Summary
TL-WR841Nv14_US_0.9.1_4.18 routers were discovered to contain a stack overflow in the function dm_fillObjByStr(). This vulnerability allows unauthenticated attackers to execute arbitrary code.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/EPhaha/IOT_vuln/tree/main/TP-Link/TL-WR841N | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/EPhaha/IOT_vuln/tree/main/TP-Link/TL-WR841N | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr841n_firmware | 0.9.1_4.18 | |
| tp-link | tl-wr841n | v14 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:0.9.1_4.18:*:*:*:*:*:*:*", matchCriteriaId: "921DEC28-936A-4C8C-AB63-34FE93AE5ED6", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:v14:*:*:*:*:*:*:*", matchCriteriaId: "883F1571-DD41-4833-BA4A-EA370F21F07C", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TL-WR841Nv14_US_0.9.1_4.18 routers were discovered to contain a stack overflow in the function dm_fillObjByStr(). This vulnerability allows unauthenticated attackers to execute arbitrary code.", }, { lang: "es", value: "Se ha detectado que los routers TL-WR841Nv14_US_0.9.1_4.18, contienen un desbordamiento de pila en la función dm_fillObjByStr(). Esta vulnerabilidad permite a atacantes no autenticados ejecutar código arbitrario", }, ], id: "CVE-2022-25073", lastModified: "2024-11-21T06:51:36.573", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 10, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-02-24T15:15:30.117", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/EPhaha/IOT_vuln/tree/main/TP-Link/TL-WR841N", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/EPhaha/IOT_vuln/tree/main/TP-Link/TL-WR841N", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-22 20:15
Modified
2024-12-10 22:15
Severity ?
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Summary
TP-Link TL-WR940N V2/V3/V4, TL-WR941ND V5/V6, TL-WR743ND V1 and TL-WR841N V8 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlAccessTargetsRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr940n_firmware | - | |
| tp-link | tl-wr940n | v4 | |
| tp-link | tl-wr841n_firmware | - | |
| tp-link | tl-wr841n | v8 | |
| tp-link | tl-wr940n_firmware | - | |
| tp-link | tl-wr940n | v2 | |
| tp-link | tl-wr940n_firmware | - | |
| tp-link | tl-wr940n | v3 | |
| tp-link | tl-wr941nd_firmware | - | |
| tp-link | tl-wr941nd | v5 | |
| tp-link | tl-wr941nd_firmware | - | |
| tp-link | tl-wr941nd | v6 | |
| tp-link | tl-wr743nd_firmware | - | |
| tp-link | tl-wr743nd | v1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2492A6CA-DFF1-42DC-8800-4A66D8943C33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr940n:v4:*:*:*:*:*:*:*", matchCriteriaId: "2537DC7E-8024-45B5-924C-18C9B702DAFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F7F95370-1001-4194-A0CB-B3CEA027AB6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:v8:*:*:*:*:*:*:*", matchCriteriaId: "2F9738A0-4CC4-4C8C-A4BA-843395B0AA55", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2492A6CA-DFF1-42DC-8800-4A66D8943C33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr940n:v2:*:*:*:*:*:*:*", matchCriteriaId: "029B4B03-94CE-41FF-A635-41682AE4B26D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2492A6CA-DFF1-42DC-8800-4A66D8943C33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr940n:v3:*:*:*:*:*:*:*", matchCriteriaId: "DF722F24-7D43-4535-B013-545109CB1D98", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr941nd_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7600C377-2A63-4127-8958-32E04E7983CA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr941nd:v5:*:*:*:*:*:*:*", matchCriteriaId: "1B0FC0E0-6C5B-49CA-95E3-D4AAC9D51518", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr941nd_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7600C377-2A63-4127-8958-32E04E7983CA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr941nd:v6:*:*:*:*:*:*:*", matchCriteriaId: "111123CC-8945-4BB2-AD6B-08E80B1A2AD6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr743nd_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "3E9AD6E6-39EE-4A07-BBD7-5C48257A8689", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr743nd:v1:*:*:*:*:*:*:*", matchCriteriaId: "E5056D9C-BCA3-4361-AB19-686875E5C123", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link TL-WR940N V2/V3/V4, TL-WR941ND V5/V6, TL-WR743ND V1 and TL-WR841N V8 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlAccessTargetsRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.", }, ], id: "CVE-2023-36358", lastModified: "2024-12-10T22:15:05.393", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 4, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-06-22T20:15:09.873", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/6/TL-WR940N_WR941ND_WR743ND_WR841N_userRpm_AccessCtrlAccessTargetsRpm.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/6/TL-WR940N_WR941ND_WR743ND_WR841N_userRpm_AccessCtrlAccessTargetsRpm.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-120", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-07 04:15
Modified
2025-01-07 16:15
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Summary
TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/FixMapCfgRpm.
References
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2492A6CA-DFF1-42DC-8800-4A66D8943C33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr940n:2.0:*:*:*:*:*:*:*", matchCriteriaId: "68707068-83D6-460C-9107-1B86FC95F6DC", vulnerable: false, }, { criteria: "cpe:2.3:h:tp-link:tl-wr940n:4.0:*:*:*:*:*:*:*", matchCriteriaId: "6212F19C-E507-43BC-B3F0-7DDABB84BE20", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F7F95370-1001-4194-A0CB-B3CEA027AB6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:8.0:*:*:*:*:*:*:*", matchCriteriaId: "D1520C26-52D3-46E6-B11B-89C4085DDF23", vulnerable: false, }, { criteria: "cpe:2.3:h:tp-link:tl-wr841n:10.0:*:*:*:*:*:*:*", matchCriteriaId: "694B53D1-8714-4678-A9CF-51FF230C8BC4", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr740n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "13CA99B0-BE20-4850-9D5E-2CC6020C4775", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr740n:1.0:*:*:*:*:*:*:*", matchCriteriaId: "6284AB5D-17FD-411B-99A1-948434193041", vulnerable: false, }, { criteria: "cpe:2.3:h:tp-link:tl-wr740n:2.0:*:*:*:*:*:*:*", matchCriteriaId: "5E7D2E14-77D8-4534-BBD1-D52ADA5B175F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/FixMapCfgRpm.", }, { lang: "es", value: "Se descubrió que TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10 y TL-WR740N V1/V2 contenían un desbordamiento de búfer a través del componente /userRpm/FixMapCfgRpm.", }, ], id: "CVE-2023-33537", lastModified: "2025-01-07T16:15:31.423", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.2, source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }, published: "2023-06-07T04:15:10.563", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/1/TL-WR940N_TL-WR841N_TL-WR740N_userRpm_FixMapCfgRpm.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/1/TL-WR940N_TL-WR841N_TL-WR740N_userRpm_FixMapCfgRpm.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2020-04-02 17:15
Modified
2024-11-21 05:38
Severity ?
Summary
A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://ktln2.org/2020/03/29/exploiting-mips-router/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.tp-link.com/us/security | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://ktln2.org/2020/03/29/exploiting-mips-router/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tp-link.com/us/security | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr841n_firmware | 3.16.9 | |
| tp-link | tl-wr841n | v10 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:3.16.9:*:*:*:*:*:*:*", matchCriteriaId: "B81E723C-539A-41E7-8486-A8263E9491F5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:v10:*:*:*:*:*:*:*", matchCriteriaId: "BDC4230D-3A3A-4D0E-BBD3-79C3054E90F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network.", }, { lang: "es", value: "Un desbordamiento del búfer en el demonio httpd en los dispositivos TP-Link TL-WR841N versión V10 (versión de firmware 3.16.9), permite a un atacante remoto autenticado ejecutar código arbitrario por medio de una petición GET en la página para la configuración de la red Wi-Fi.", }, ], id: "CVE-2020-8423", lastModified: "2024-11-21T05:38:49.267", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "SINGLE", availabilityImpact: "COMPLETE", baseScore: 9, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:L/Au:S/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.2, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "HIGH", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.2, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2020-04-02T17:15:14.490", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://ktln2.org/2020/03/29/exploiting-mips-router/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.tp-link.com/us/security", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://ktln2.org/2020/03/29/exploiting-mips-router/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.tp-link.com/us/security", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-22 20:15
Modified
2024-12-02 19:15
Severity ?
Summary
An issue in the /userRpm/LocalManageControlRpm component of TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8/V10, and TL-WR941ND V5 allows attackers to cause a Denial of Service (DoS) via a crafted GET request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr940n_firmware | - | |
| tp-link | tl-wr940n | v4 | |
| tp-link | tl-wr841n_firmware | - | |
| tp-link | tl-wr841n | v8 | |
| tp-link | tl-wr841n_firmware | - | |
| tp-link | tl-wr841n | v10 | |
| tp-link | tl-wr940n_firmware | - | |
| tp-link | tl-wr940n | v2 | |
| tp-link | tl-wr941nd_firmware | - | |
| tp-link | tl-wr941nd | v5 | |
| tp-link | tl-wr940n_firmware | - | |
| tp-link | tl-wr940n | v6 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2492A6CA-DFF1-42DC-8800-4A66D8943C33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr940n:v4:*:*:*:*:*:*:*", matchCriteriaId: "2537DC7E-8024-45B5-924C-18C9B702DAFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F7F95370-1001-4194-A0CB-B3CEA027AB6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:v8:*:*:*:*:*:*:*", matchCriteriaId: "2F9738A0-4CC4-4C8C-A4BA-843395B0AA55", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F7F95370-1001-4194-A0CB-B3CEA027AB6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:v10:*:*:*:*:*:*:*", matchCriteriaId: "BDC4230D-3A3A-4D0E-BBD3-79C3054E90F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2492A6CA-DFF1-42DC-8800-4A66D8943C33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr940n:v2:*:*:*:*:*:*:*", matchCriteriaId: "029B4B03-94CE-41FF-A635-41682AE4B26D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr941nd_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7600C377-2A63-4127-8958-32E04E7983CA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr941nd:v5:*:*:*:*:*:*:*", matchCriteriaId: "1B0FC0E0-6C5B-49CA-95E3-D4AAC9D51518", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2492A6CA-DFF1-42DC-8800-4A66D8943C33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr940n:v6:*:*:*:*:*:*:*", matchCriteriaId: "714E7A62-634A-4DF8-B5AF-D6B306808B54", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue in the /userRpm/LocalManageControlRpm component of TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8/V10, and TL-WR941ND V5 allows attackers to cause a Denial of Service (DoS) via a crafted GET request.", }, ], id: "CVE-2023-36357", lastModified: "2024-12-02T19:15:07.480", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.1, impactScore: 4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-22T20:15:09.823", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/5/TL-WR941ND_TL-WR940N_TL-WR841N_userRpm_LocalManageControlRpm.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/5/TL-WR941ND_TL-WR940N_TL-WR841N_userRpm_LocalManageControlRpm.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, { description: [ { lang: "en", value: "CWE-770", }, ], source: "134c704f-9b21-4f2e-91b3-4a467353bcc0", type: "Secondary", }, ], }
Vulnerability from fkie_nvd
Published
2012-11-01 10:44
Modified
2025-04-11 00:51
Severity ?
Summary
Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to the help/ URI.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr841n | - | |
| tp-link | tl-wr841n_firmware | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:-:*:*:*:*:*:*:*", matchCriteriaId: "AD44582F-0CC5-4A71-8FE8-2BEF65EB717E", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "12B0CF34-5A62-4D58-A82F-EB1049472670", versionEndIncluding: "3.13.9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to the help/ URI.", }, { lang: "es", value: "Una vulnerabilidad de salto de directorio en la función de administración web del Router TP-LINK TL-WR841N con firmware v3.13.9 build 120201 Rel.54965n y anteriores permite a atacantes remotos leer archivos de su elección a través de un .. (punto punto) en el PATH_INFO a la URI help/.", }, ], id: "CVE-2012-5687", lastModified: "2025-04-11T00:51:21.963", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 7.8, confidentialityImpact: "COMPLETE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:C/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2012-11-01T10:44:47.843", references: [ { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://archives.neohapsis.com/archives/bugtraq/2012-10/0154.html", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "http://archives.neohapsis.com/archives/bugtraq/2012-10/0154.html", }, { source: "cve@mitre.org", url: "http://packetstormsecurity.org/files/117749/TP-LINK-TL-WR841N-Local-File-Inclusion.html", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/79662", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://archives.neohapsis.com/archives/bugtraq/2012-10/0154.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://archives.neohapsis.com/archives/bugtraq/2012-10/0154.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.org/files/117749/TP-LINK-TL-WR841N-Local-File-Inclusion.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/79662", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2023-06-22 20:15
Modified
2024-11-21 08:09
Severity ?
Summary
TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR740N V1/V2, TL-WR940N V2/V3, and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlTimeSchedRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| tp-link | tl-wr940n_firmware | - | |
| tp-link | tl-wr940n | v4 | |
| tp-link | tl-wr841n_firmware | - | |
| tp-link | tl-wr841n | v8 | |
| tp-link | tl-wr841n_firmware | - | |
| tp-link | tl-wr841n | v10 | |
| tp-link | tl-wr740n_firmware | - | |
| tp-link | tl-wr740n | v1 | |
| tp-link | tl-wr740n_firmware | - | |
| tp-link | tl-wr740n | v2 | |
| tp-link | tl-wr940n_firmware | - | |
| tp-link | tl-wr940n | v2 | |
| tp-link | tl-wr940n_firmware | - | |
| tp-link | tl-wr940n | v3 | |
| tp-link | tl-wr941nd_firmware | - | |
| tp-link | tl-wr941nd | v5 | |
| tp-link | tl-wr941nd_firmware | - | |
| tp-link | tl-wr941nd | v6 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2492A6CA-DFF1-42DC-8800-4A66D8943C33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr940n:v4:*:*:*:*:*:*:*", matchCriteriaId: "2537DC7E-8024-45B5-924C-18C9B702DAFC", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F7F95370-1001-4194-A0CB-B3CEA027AB6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:v8:*:*:*:*:*:*:*", matchCriteriaId: "2F9738A0-4CC4-4C8C-A4BA-843395B0AA55", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr841n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "F7F95370-1001-4194-A0CB-B3CEA027AB6D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr841n:v10:*:*:*:*:*:*:*", matchCriteriaId: "BDC4230D-3A3A-4D0E-BBD3-79C3054E90F8", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr740n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "13CA99B0-BE20-4850-9D5E-2CC6020C4775", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr740n:v1:*:*:*:*:*:*:*", matchCriteriaId: "89AF2EC8-F679-4A9D-BB1C-E3EABCC7A086", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr740n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "13CA99B0-BE20-4850-9D5E-2CC6020C4775", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr740n:v2:*:*:*:*:*:*:*", matchCriteriaId: "19CA5AB9-F342-4E8D-9658-569198DDE8F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2492A6CA-DFF1-42DC-8800-4A66D8943C33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr940n:v2:*:*:*:*:*:*:*", matchCriteriaId: "029B4B03-94CE-41FF-A635-41682AE4B26D", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr940n_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "2492A6CA-DFF1-42DC-8800-4A66D8943C33", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr940n:v3:*:*:*:*:*:*:*", matchCriteriaId: "DF722F24-7D43-4535-B013-545109CB1D98", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr941nd_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7600C377-2A63-4127-8958-32E04E7983CA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr941nd:v5:*:*:*:*:*:*:*", matchCriteriaId: "1B0FC0E0-6C5B-49CA-95E3-D4AAC9D51518", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:tp-link:tl-wr941nd_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7600C377-2A63-4127-8958-32E04E7983CA", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:tp-link:tl-wr941nd:v6:*:*:*:*:*:*:*", matchCriteriaId: "111123CC-8945-4BB2-AD6B-08E80B1A2AD6", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR740N V1/V2, TL-WR940N V2/V3, and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlTimeSchedRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.", }, ], id: "CVE-2023-36354", lastModified: "2024-11-21T08:09:34.943", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-06-22T20:15:09.687", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/7/TL-WR940N_TL-WR841N_TL-WR740N_TL-WR941ND_userRpm_AccessCtrlTimeSchedRpm.md", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/7/TL-WR940N_TL-WR841N_TL-WR740N_TL-WR941ND_userRpm_AccessCtrlTimeSchedRpm.md", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-120", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2018-12574
Vulnerability from cvelistv5
Published
2018-07-02 16:00
Modified
2024-08-05 08:38
Severity ?
EPSS score ?
Summary
CSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices.
References
| ▼ | URL | Tags |
|---|---|---|
| https://software-talk.org/blog/2018/06/tplink-wr841n-csrf-cve-2018-12574/ | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:38:06.301Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://software-talk.org/blog/2018/06/tplink-wr841n-csrf-cve-2018-12574/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-06-27T00:00:00", descriptions: [ { lang: "en", value: "CSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-07-02T15:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://software-talk.org/blog/2018/06/tplink-wr841n-csrf-cve-2018-12574/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-12574", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "CSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://software-talk.org/blog/2018/06/tplink-wr841n-csrf-cve-2018-12574/", refsource: "MISC", url: "https://software-talk.org/blog/2018/06/tplink-wr841n-csrf-cve-2018-12574/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-12574", datePublished: "2018-07-02T16:00:00", dateReserved: "2018-06-19T00:00:00", dateUpdated: "2024-08-05T08:38:06.301Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-30024
Vulnerability from cvelistv5
Published
2022-07-14 13:41
Modified
2024-08-03 06:40
Severity ?
EPSS score ?
Summary
A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841N(EU)_V12_160624 and TL-WR841 V11 TL-WR841N(EU)_V11_160325 , TL-WR841N_V11_150616 and TL-WR841 V10 TL-WR841N_V10_150310 are also affected.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tp-link.com | x_refsource_MISC | |
| http://tl-wr841.com | x_refsource_MISC | |
| https://pastebin.com/0XRFr3zE | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:40:46.361Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://tp-link.com", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://tl-wr841.com", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://pastebin.com/0XRFr3zE", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841N(EU)_V12_160624 and TL-WR841 V11 TL-WR841N(EU)_V11_160325 , TL-WR841N_V11_150616 and TL-WR841 V10 TL-WR841N_V10_150310 are also affected.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-07-14T13:41:42", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://tp-link.com", }, { tags: [ "x_refsource_MISC", ], url: "http://tl-wr841.com", }, { tags: [ "x_refsource_MISC", ], url: "https://pastebin.com/0XRFr3zE", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-30024", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841N(EU)_V12_160624 and TL-WR841 V11 TL-WR841N(EU)_V11_160325 , TL-WR841N_V11_150616 and TL-WR841 V10 TL-WR841N_V10_150310 are also affected.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://tp-link.com", refsource: "MISC", url: "http://tp-link.com", }, { name: "http://tl-wr841.com", refsource: "MISC", url: "http://tl-wr841.com", }, { name: "https://pastebin.com/0XRFr3zE", refsource: "MISC", url: "https://pastebin.com/0XRFr3zE", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-30024", datePublished: "2022-07-14T13:41:42", dateReserved: "2022-05-02T00:00:00", dateUpdated: "2024-08-03T06:40:46.361Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33537
Vulnerability from cvelistv5
Published
2023-06-07 00:00
Modified
2025-01-07 15:12
Severity ?
EPSS score ?
Summary
TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/FixMapCfgRpm.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:47:05.792Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/1/TL-WR940N_TL-WR841N_TL-WR740N_userRpm_FixMapCfgRpm.md", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-33537", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-07T15:11:12.619651Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-07T15:12:13.175Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/FixMapCfgRpm.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-07T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/1/TL-WR940N_TL-WR841N_TL-WR740N_userRpm_FixMapCfgRpm.md", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-33537", datePublished: "2023-06-07T00:00:00", dateReserved: "2023-05-22T00:00:00", dateUpdated: "2025-01-07T15:12:13.175Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-12575
Vulnerability from cvelistv5
Published
2018-07-02 16:00
Modified
2024-08-05 08:38
Severity ?
EPSS score ?
Summary
On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web interface are affected by bypass of authentication via an HTTP request.
References
| ▼ | URL | Tags |
|---|---|---|
| https://software-talk.org/blog/2018/06/tplink-wr841n-broken-auth-cve-2018-12575/ | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:38:06.349Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://software-talk.org/blog/2018/06/tplink-wr841n-broken-auth-cve-2018-12575/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-06-27T00:00:00", descriptions: [ { lang: "en", value: "On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web interface are affected by bypass of authentication via an HTTP request.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-07-02T15:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://software-talk.org/blog/2018/06/tplink-wr841n-broken-auth-cve-2018-12575/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-12575", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web interface are affected by bypass of authentication via an HTTP request.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://software-talk.org/blog/2018/06/tplink-wr841n-broken-auth-cve-2018-12575/", refsource: "MISC", url: "https://software-talk.org/blog/2018/06/tplink-wr841n-broken-auth-cve-2018-12575/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-12575", datePublished: "2018-07-02T16:00:00", dateReserved: "2018-06-19T00:00:00", dateUpdated: "2024-08-05T08:38:06.349Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-46912
Vulnerability from cvelistv5
Published
2022-12-20 00:00
Modified
2024-08-03 14:47
Severity ?
EPSS score ?
Summary
An issue in the firmware update process of TP-Link TL-WR841N / TL-WA841ND V7 3.13.9 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T14:47:27.784Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.tp-link.com/us/press/security-advisory/", }, { tags: [ "x_transferred", ], url: "https://hackmd.io/%40slASVrz_SrW7NQCsunofeA/Sk6sfbTPi", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue in the firmware update process of TP-Link TL-WR841N / TL-WA841ND V7 3.13.9 and earlier allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-20T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.tp-link.com/us/press/security-advisory/", }, { url: "https://hackmd.io/%40slASVrz_SrW7NQCsunofeA/Sk6sfbTPi", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-46912", datePublished: "2022-12-20T00:00:00", dateReserved: "2022-12-12T00:00:00", dateUpdated: "2024-08-03T14:47:27.784Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-8423
Vulnerability from cvelistv5
Published
2020-04-02 17:00
Modified
2024-08-04 09:56
Severity ?
EPSS score ?
Summary
A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.tp-link.com/us/security | x_refsource_MISC | |
| https://ktln2.org/2020/03/29/exploiting-mips-router/ | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T09:56:28.388Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.tp-link.com/us/security", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://ktln2.org/2020/03/29/exploiting-mips-router/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-04-02T17:00:17", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.tp-link.com/us/security", }, { tags: [ "x_refsource_MISC", ], url: "https://ktln2.org/2020/03/29/exploiting-mips-router/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2020-8423", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://www.tp-link.com/us/security", refsource: "MISC", url: "https://www.tp-link.com/us/security", }, { name: "https://ktln2.org/2020/03/29/exploiting-mips-router/", refsource: "MISC", url: "https://ktln2.org/2020/03/29/exploiting-mips-router/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-8423", datePublished: "2020-04-02T17:00:17", dateReserved: "2020-01-28T00:00:00", dateUpdated: "2024-08-04T09:56:28.388Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-11714
Vulnerability from cvelistv5
Published
2018-06-04 14:00
Modified
2024-09-16 23:25
Severity ?
EPSS score ?
Summary
An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of "Referer: http://192.168.0.1/mainFrame.htm" then no authentication is required for any action.
References
| ▼ | URL | Tags |
|---|---|---|
| http://blog.securelayer7.net/time-to-disable-tp-link-home-wifi-router/ | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/44781/ | exploit, x_refsource_EXPLOIT-DB |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:17:09.135Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://blog.securelayer7.net/time-to-disable-tp-link-home-wifi-router/", }, { name: "44781", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "https://www.exploit-db.com/exploits/44781/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of \"Referer: http://192.168.0.1/mainFrame.htm\" then no authentication is required for any action.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-06-04T14:00:00Z", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://blog.securelayer7.net/time-to-disable-tp-link-home-wifi-router/", }, { name: "44781", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "https://www.exploit-db.com/exploits/44781/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-11714", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of \"Referer: http://192.168.0.1/mainFrame.htm\" then no authentication is required for any action.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://blog.securelayer7.net/time-to-disable-tp-link-home-wifi-router/", refsource: "MISC", url: "http://blog.securelayer7.net/time-to-disable-tp-link-home-wifi-router/", }, { name: "44781", refsource: "EXPLOIT-DB", url: "https://www.exploit-db.com/exploits/44781/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-11714", datePublished: "2018-06-04T14:00:00Z", dateReserved: "2018-06-04T00:00:00Z", dateUpdated: "2024-09-16T23:25:29.762Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33536
Vulnerability from cvelistv5
Published
2023-06-07 00:00
Modified
2025-01-07 15:18
Severity ?
EPSS score ?
Summary
TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/WlanMacFilterRpm.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:47:06.154Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/2/TL-WR940N_TL-WR841N_TL-WR740N_userRpm_WlanMacFilterRpm.md", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-33536", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-07T15:17:51.112928Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125 Out-of-bounds Read", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-07T15:18:45.830Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/WlanMacFilterRpm.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-07T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/2/TL-WR940N_TL-WR841N_TL-WR740N_userRpm_WlanMacFilterRpm.md", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-33536", datePublished: "2023-06-07T00:00:00", dateReserved: "2023-05-22T00:00:00", dateUpdated: "2025-01-07T15:18:45.830Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-12576
Vulnerability from cvelistv5
Published
2018-07-02 16:00
Modified
2024-08-05 08:38
Severity ?
EPSS score ?
Summary
TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking.
References
| ▼ | URL | Tags |
|---|---|---|
| https://software-talk.org/blog/2018/04/tplink-wr841n-clickjacking-https/ | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:38:06.393Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://software-talk.org/blog/2018/04/tplink-wr841n-clickjacking-https/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-06-27T00:00:00", descriptions: [ { lang: "en", value: "TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-07-02T15:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://software-talk.org/blog/2018/04/tplink-wr841n-clickjacking-https/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-12576", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://software-talk.org/blog/2018/04/tplink-wr841n-clickjacking-https/", refsource: "MISC", url: "https://software-talk.org/blog/2018/04/tplink-wr841n-clickjacking-https/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-12576", datePublished: "2018-07-02T16:00:00", dateReserved: "2018-06-19T00:00:00", dateUpdated: "2024-08-05T08:38:06.393Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-36354
Vulnerability from cvelistv5
Published
2023-06-22 00:00
Modified
2024-12-02 21:17
Severity ?
EPSS score ?
Summary
TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR740N V1/V2, TL-WR940N V2/V3, and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlTimeSchedRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T16:45:56.762Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/7/TL-WR940N_TL-WR841N_TL-WR740N_TL-WR941ND_userRpm_AccessCtrlTimeSchedRpm.md", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:h:tp-link:tl-wr940n_v4:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "tl-wr940n_v4", vendor: "tp-link", versions: [ { status: "affected", version: "4", }, ], }, { cpes: [ "cpe:2.3:h:tp-link:tl-wr841n:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "tl-wr841n", vendor: "tp-link", versions: [ { status: "affected", version: "8", }, { status: "affected", version: "10", }, ], }, { cpes: [ "cpe:2.3:h:tp-link:tl-wr740n:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "tl-wr740n", vendor: "tp-link", versions: [ { status: "affected", version: "1", }, { status: "affected", version: "2", }, ], }, { cpes: [ "cpe:2.3:h:tp-link:tl-wr940n:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "tl-wr940n", vendor: "tp-link", versions: [ { status: "affected", version: "2", }, { status: "affected", version: "3", }, ], }, { cpes: [ "cpe:2.3:h:tp-link:tl-wr941nd:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "tl-wr941nd", vendor: "tp-link", versions: [ { status: "affected", version: "5", }, { status: "affected", version: "6", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-36354", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-02T21:13:05.767535Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-02T21:17:28.146Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR740N V1/V2, TL-WR940N V2/V3, and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlTimeSchedRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-22T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/7/TL-WR940N_TL-WR841N_TL-WR740N_TL-WR941ND_userRpm_AccessCtrlTimeSchedRpm.md", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-36354", datePublished: "2023-06-22T00:00:00", dateReserved: "2023-06-21T00:00:00", dateUpdated: "2024-12-02T21:17:28.146Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-36357
Vulnerability from cvelistv5
Published
2023-06-22 00:00
Modified
2024-12-02 18:49
Severity ?
EPSS score ?
Summary
An issue in the /userRpm/LocalManageControlRpm component of TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8/V10, and TL-WR941ND V5 allows attackers to cause a Denial of Service (DoS) via a crafted GET request.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T16:45:57.038Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/5/TL-WR941ND_TL-WR940N_TL-WR841N_userRpm_LocalManageControlRpm.md", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-36357", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-02T18:47:51.886105Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-770", description: "CWE-770 Allocation of Resources Without Limits or Throttling", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-02T18:49:25.524Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue in the /userRpm/LocalManageControlRpm component of TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8/V10, and TL-WR941ND V5 allows attackers to cause a Denial of Service (DoS) via a crafted GET request.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-22T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/5/TL-WR941ND_TL-WR940N_TL-WR841N_userRpm_LocalManageControlRpm.md", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-36357", datePublished: "2023-06-22T00:00:00", dateReserved: "2023-06-21T00:00:00", dateUpdated: "2024-12-02T18:49:25.524Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2012-5687
Vulnerability from cvelistv5
Published
2012-11-01 10:00
Modified
2024-08-06 21:14
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to the help/ URI.
References
| ▼ | URL | Tags |
|---|---|---|
| http://packetstormsecurity.org/files/117749/TP-LINK-TL-WR841N-Local-File-Inclusion.html | x_refsource_MISC | |
| http://archives.neohapsis.com/archives/bugtraq/2012-10/0154.html | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/79662 | vdb-entry, x_refsource_XF | |
| http://archives.neohapsis.com/archives/bugtraq/2012-10/0154.html | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T21:14:16.397Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.org/files/117749/TP-LINK-TL-WR841N-Local-File-Inclusion.html", }, { name: "20121031 [BUGTRAQ]Security Advisory - TP-LINK TL-WR841N LFI - [UPDATE]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2012-10/0154.html", }, { name: "tplink-url-file-include(79662)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/79662", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2012-10/0154.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2012-10-31T00:00:00", descriptions: [ { lang: "en", value: "Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to the help/ URI.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2020-07-13T20:10:51", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.org/files/117749/TP-LINK-TL-WR841N-Local-File-Inclusion.html", }, { name: "20121031 [BUGTRAQ]Security Advisory - TP-LINK TL-WR841N LFI - [UPDATE]", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://archives.neohapsis.com/archives/bugtraq/2012-10/0154.html", }, { name: "tplink-url-file-include(79662)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/79662", }, { tags: [ "x_refsource_MISC", ], url: "http://archives.neohapsis.com/archives/bugtraq/2012-10/0154.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2012-5687", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to the help/ URI.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://packetstormsecurity.org/files/117749/TP-LINK-TL-WR841N-Local-File-Inclusion.html", refsource: "MISC", url: "http://packetstormsecurity.org/files/117749/TP-LINK-TL-WR841N-Local-File-Inclusion.html", }, { name: "20121031 [BUGTRAQ]Security Advisory - TP-LINK TL-WR841N LFI - [UPDATE]", refsource: "BUGTRAQ", url: "http://archives.neohapsis.com/archives/bugtraq/2012-10/0154.html", }, { name: "tplink-url-file-include(79662)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/79662", }, { name: "http://archives.neohapsis.com/archives/bugtraq/2012-10/0154.html", refsource: "MISC", url: "http://archives.neohapsis.com/archives/bugtraq/2012-10/0154.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2012-5687", datePublished: "2012-11-01T10:00:00", dateReserved: "2012-10-29T00:00:00", dateUpdated: "2024-08-06T21:14:16.397Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-25073
Vulnerability from cvelistv5
Published
2022-02-22 22:44
Modified
2024-08-03 04:29
Severity ?
EPSS score ?
Summary
TL-WR841Nv14_US_0.9.1_4.18 routers were discovered to contain a stack overflow in the function dm_fillObjByStr(). This vulnerability allows unauthenticated attackers to execute arbitrary code.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/EPhaha/IOT_vuln/tree/main/TP-Link/TL-WR841N | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T04:29:01.527Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/EPhaha/IOT_vuln/tree/main/TP-Link/TL-WR841N", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "TL-WR841Nv14_US_0.9.1_4.18 routers were discovered to contain a stack overflow in the function dm_fillObjByStr(). This vulnerability allows unauthenticated attackers to execute arbitrary code.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-22T22:44:05", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/EPhaha/IOT_vuln/tree/main/TP-Link/TL-WR841N", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-25073", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "TL-WR841Nv14_US_0.9.1_4.18 routers were discovered to contain a stack overflow in the function dm_fillObjByStr(). This vulnerability allows unauthenticated attackers to execute arbitrary code.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/EPhaha/IOT_vuln/tree/main/TP-Link/TL-WR841N", refsource: "MISC", url: "https://github.com/EPhaha/IOT_vuln/tree/main/TP-Link/TL-WR841N", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-25073", datePublished: "2022-02-22T22:44:05", dateReserved: "2022-02-14T00:00:00", dateUpdated: "2024-08-03T04:29:01.527Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-12577
Vulnerability from cvelistv5
Published
2018-07-02 16:00
Modified
2024-08-05 08:38
Severity ?
EPSS score ?
Summary
The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection.
References
| ▼ | URL | Tags |
|---|---|---|
| https://software-talk.org/blog/2018/06/tplink-wr841n-code-exec-cve-2018-12577/ | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T08:38:06.318Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://software-talk.org/blog/2018/06/tplink-wr841n-code-exec-cve-2018-12577/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-06-27T00:00:00", descriptions: [ { lang: "en", value: "The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-07-02T15:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://software-talk.org/blog/2018/06/tplink-wr841n-code-exec-cve-2018-12577/", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-12577", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://software-talk.org/blog/2018/06/tplink-wr841n-code-exec-cve-2018-12577/", refsource: "MISC", url: "https://software-talk.org/blog/2018/06/tplink-wr841n-code-exec-cve-2018-12577/", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-12577", datePublished: "2018-07-02T16:00:00", dateReserved: "2018-06-19T00:00:00", dateUpdated: "2024-08-05T08:38:06.318Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-17147
Vulnerability from cvelistv5
Published
2020-01-07 23:05
Modified
2024-08-05 01:33
Severity ?
EPSS score ?
Summary
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 80 by default. When parsing the Host request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length static buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-8457.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-19-992/ | x_refsource_MISC | |
| https://www.tp-link.com/us/support/download/tl-wr841n/#Firmware | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T01:33:17.300Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-19-992/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.tp-link.com/us/support/download/tl-wr841n/#Firmware", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "TL-WR841N", vendor: "TP-Link", versions: [ { status: "affected", version: "0.9.1 4.16 v007c.0 Build 180613 Rel.42415n", }, ], }, ], credits: [ { lang: "en", value: "Nguyen Hoang Thach - Security Researcher at VNPT ISC", }, ], descriptions: [ { lang: "en", value: "This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 80 by default. When parsing the Host request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length static buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-8457.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "ADJACENT_NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-01-07T23:05:23", orgId: "99f1926a-a320-47d8-bbb5-42feb611262e", shortName: "zdi", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.zerodayinitiative.com/advisories/ZDI-19-992/", }, { tags: [ "x_refsource_MISC", ], url: "https://www.tp-link.com/us/support/download/tl-wr841n/#Firmware", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "zdi-disclosures@trendmicro.com", ID: "CVE-2019-17147", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "TL-WR841N", version: { version_data: [ { version_value: "0.9.1 4.16 v007c.0 Build 180613 Rel.42415n", }, ], }, }, ], }, vendor_name: "TP-Link", }, ], }, }, credit: "Nguyen Hoang Thach - Security Researcher at VNPT ISC", data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 80 by default. When parsing the Host request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length static buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-8457.", }, ], }, impact: { cvss: { vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, ], }, ], }, references: { reference_data: [ { name: "https://www.zerodayinitiative.com/advisories/ZDI-19-992/", refsource: "MISC", url: "https://www.zerodayinitiative.com/advisories/ZDI-19-992/", }, { name: "https://www.tp-link.com/us/support/download/tl-wr841n/#Firmware", refsource: "MISC", url: "https://www.tp-link.com/us/support/download/tl-wr841n/#Firmware", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "99f1926a-a320-47d8-bbb5-42feb611262e", assignerShortName: "zdi", cveId: "CVE-2019-17147", datePublished: "2020-01-07T23:05:23", dateReserved: "2019-10-04T00:00:00", dateUpdated: "2024-08-05T01:33:17.300Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2012-6276
Vulnerability from cvelistv5
Published
2013-01-26 21:00
Modified
2024-09-16 22:21
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via the URL parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.kb.cert.org/vuls/id/185100 | third-party-advisory, x_refsource_CERT-VN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T21:28:39.439Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "VU#185100", tags: [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred", ], url: "http://www.kb.cert.org/vuls/id/185100", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via the URL parameter.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2013-01-26T21:00:00Z", orgId: "37e5125f-f79b-445b-8fad-9564f167944b", shortName: "certcc", }, references: [ { name: "VU#185100", tags: [ "third-party-advisory", "x_refsource_CERT-VN", ], url: "http://www.kb.cert.org/vuls/id/185100", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cert@cert.org", ID: "CVE-2012-6276", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via the URL parameter.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "VU#185100", refsource: "CERT-VN", url: "http://www.kb.cert.org/vuls/id/185100", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b", assignerShortName: "certcc", cveId: "CVE-2012-6276", datePublished: "2013-01-26T21:00:00Z", dateReserved: "2012-12-06T00:00:00Z", dateUpdated: "2024-09-16T22:21:00.784Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-36358
Vulnerability from cvelistv5
Published
2023-06-22 00:00
Modified
2024-12-10 21:12
Severity ?
EPSS score ?
Summary
TP-Link TL-WR940N V2/V3/V4, TL-WR941ND V5/V6, TL-WR743ND V1 and TL-WR841N V8 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlAccessTargetsRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T16:45:56.683Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/6/TL-WR940N_WR941ND_WR743ND_WR841N_userRpm_AccessCtrlAccessTargetsRpm.md", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.7, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "LOW", scope: "CHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-36358", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-10T21:10:23.423059Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-10T21:12:28.618Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "TP-Link TL-WR940N V2/V3/V4, TL-WR941ND V5/V6, TL-WR743ND V1 and TL-WR841N V8 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlAccessTargetsRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-22T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/6/TL-WR940N_WR941ND_WR743ND_WR841N_userRpm_AccessCtrlAccessTargetsRpm.md", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-36358", datePublished: "2023-06-22T00:00:00", dateReserved: "2023-06-21T00:00:00", dateUpdated: "2024-12-10T21:12:28.618Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-0162
Vulnerability from cvelistv5
Published
2022-02-09 22:05
Modified
2024-09-16 17:13
Severity ?
EPSS score ?
Summary
The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router due to transmission of authentication information in cleartextbase64 format. Successful exploitation of this vulnerability could allow a remote attacker to intercept credentials and subsequently perform administrative operations on the affected device through web-based management interface.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2022-0068 | x_refsource_MISC |
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:18:41.990Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2022-0068", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "TL-WR841N", vendor: "TP-Link", versions: [ { status: "affected", version: "V11 3.16.9 Build 160325 Rel.62500n", }, ], }, ], credits: [ { lang: "en", value: "This vulnerability is found by Parul Sindhwad, Anurag M. Chevendra, Dr. Faruk Kazi from COE-CNDS Lab, VJTI Mumbai, India", }, ], datePublic: "2022-02-07T00:00:00", descriptions: [ { lang: "en", value: "The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router due to transmission of authentication information in cleartextbase64 format. Successful exploitation of this vulnerability could allow a remote attacker to intercept credentials and subsequently perform administrative operations on the affected device through web-based management interface.", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-319", description: "CWE-319 Cleartext Transmission of Sensitive Information", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-02-09T22:05:30", orgId: "66834db9-ab24-42b4-be80-296b2e40335c", shortName: "CERT-In", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2022-0068", }, ], solutions: [ { lang: "en", value: "Update TPLinkWR841N firmware\nhttps://static.tp-link.com/upload/beta/2021/202112/20211209/wr841nv11_wr841ndv11_eu_3_16_9_up_boot(211209).zip", }, ], source: { discovery: "UNKNOWN", }, title: "Vulnerability in TP-LinK TL-WR841N wireless router", x_generator: { engine: "Vulnogram 0.0.9", }, x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "vdisclose@cert-in.org.in", DATE_PUBLIC: "2022-02-07T04:30:00.000Z", ID: "CVE-2022-0162", STATE: "PUBLIC", TITLE: "Vulnerability in TP-LinK TL-WR841N wireless router", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "TL-WR841N", version: { version_data: [ { version_affected: "=", version_name: "V11", version_value: "3.16.9 Build 160325 Rel.62500n", }, ], }, }, ], }, vendor_name: "TP-Link", }, ], }, }, credit: [ { lang: "eng", value: "This vulnerability is found by Parul Sindhwad, Anurag M. Chevendra, Dr. Faruk Kazi from COE-CNDS Lab, VJTI Mumbai, India", }, ], data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router due to transmission of authentication information in cleartextbase64 format. Successful exploitation of this vulnerability could allow a remote attacker to intercept credentials and subsequently perform administrative operations on the affected device through web-based management interface.", }, ], }, generator: { engine: "Vulnogram 0.0.9", }, impact: { cvss: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 8.4, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-319 Cleartext Transmission of Sensitive Information", }, ], }, ], }, references: { reference_data: [ { name: "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2022-0068", refsource: "MISC", url: "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2022-0068", }, ], }, solution: [ { lang: "en", value: "Update TPLinkWR841N firmware\nhttps://static.tp-link.com/upload/beta/2021/202112/20211209/wr841nv11_wr841ndv11_eu_3_16_9_up_boot(211209).zip", }, ], source: { discovery: "UNKNOWN", }, }, }, }, cveMetadata: { assignerOrgId: "66834db9-ab24-42b4-be80-296b2e40335c", assignerShortName: "CERT-In", cveId: "CVE-2022-0162", datePublished: "2022-02-09T22:05:30.830425Z", dateReserved: "2022-01-10T00:00:00", dateUpdated: "2024-09-16T17:13:50.223Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-36359
Vulnerability from cvelistv5
Published
2023-06-22 00:00
Modified
2024-12-10 21:03
Severity ?
EPSS score ?
Summary
TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR940N V2/V3 and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/QoSRuleListRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T16:45:56.767Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/8/TP-Link%20TL-WR940N%20TL-WR841N%20TL-WR941ND%20wireless%20router%20userRpmQoSRuleListRpm%20buffer%20read%20out-of-bounds%20vulnerability.md", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-36359", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-10T21:01:21.608116Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-120", description: "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2024-12-10T21:03:24.267Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, references: [ { tags: [ "broken-link", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/8/TP-Link%20TL-WR940N%20TL-WR841N%20TL-WR941ND%20wireless%20router%20userRpmQoSRuleListRpm%20buffer%20read%20out-of-bounds%20vulnerability.md", }, ], title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR940N V2/V3 and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/QoSRuleListRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-22T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/8/TP-Link%20TL-WR940N%20TL-WR841N%20TL-WR941ND%20wireless%20router%20userRpmQoSRuleListRpm%20buffer%20read%20out-of-bounds%20vulnerability.md", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-36359", datePublished: "2023-06-22T00:00:00", dateReserved: "2023-06-21T00:00:00", dateUpdated: "2024-12-10T21:03:24.267Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-35576
Vulnerability from cvelistv5
Published
2021-01-25 00:00
Modified
2024-08-04 17:09
Severity ?
EPSS score ?
Summary
A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T17:09:14.299Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.tp-link.com/us/security", }, { tags: [ "x_transferred", ], url: "https://jvn.jp/en/vu/JVNVU92444096/", }, { tags: [ "x_transferred", ], url: "https://www.tp-link.com/jp/support/download/tl-wr841n/v13/#Firmware", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-06T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.tp-link.com/us/security", }, { url: "https://jvn.jp/en/vu/JVNVU92444096/", }, { url: "https://www.tp-link.com/jp/support/download/tl-wr841n/v13/#Firmware", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2020-35576", datePublished: "2021-01-25T00:00:00", dateReserved: "2020-12-20T00:00:00", dateUpdated: "2024-08-04T17:09:14.299Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2012-6316
Vulnerability from cvelistv5
Published
2014-09-30 14:00
Modified
2024-08-06 21:28
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in the TP-LINK TL-WR841N router with firmware 3.13.9 Build 120201 Rel.54965n and earlier allow remote administrators to inject arbitrary web script or HTML via the (1) username or (2) pwd parameter to userRpm/NoipDdnsRpm.htm.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/56602 | vdb-entry, x_refsource_BID | |
| http://seclists.org/fulldisclosure/2012/Dec/93 | mailing-list, x_refsource_FULLDISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T21:28:39.389Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "56602", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/56602", }, { name: "20121207 TP-LINK TL-WR841N XSS (Cross Site Scripting)", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2012/Dec/93", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2012-11-20T00:00:00", descriptions: [ { lang: "en", value: "Multiple cross-site scripting (XSS) vulnerabilities in the TP-LINK TL-WR841N router with firmware 3.13.9 Build 120201 Rel.54965n and earlier allow remote administrators to inject arbitrary web script or HTML via the (1) username or (2) pwd parameter to userRpm/NoipDdnsRpm.htm.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2014-09-30T15:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "56602", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/56602", }, { name: "20121207 TP-LINK TL-WR841N XSS (Cross Site Scripting)", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2012/Dec/93", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2012-6316", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple cross-site scripting (XSS) vulnerabilities in the TP-LINK TL-WR841N router with firmware 3.13.9 Build 120201 Rel.54965n and earlier allow remote administrators to inject arbitrary web script or HTML via the (1) username or (2) pwd parameter to userRpm/NoipDdnsRpm.htm.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "56602", refsource: "BID", url: "http://www.securityfocus.com/bid/56602", }, { name: "20121207 TP-LINK TL-WR841N XSS (Cross Site Scripting)", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2012/Dec/93", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2012-6316", datePublished: "2014-09-30T14:00:00", dateReserved: "2012-12-06T00:00:00", dateUpdated: "2024-08-06T21:28:39.389Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-36489
Vulnerability from cvelistv5
Published
2023-09-06 09:35
Modified
2024-09-26 20:03
Severity ?
EPSS score ?
Summary
Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: TL-WR802N firmware versions prior to 'TL-WR802N(JP)_V4_221008', TL-WR841N firmware versions prior to 'TL-WR841N(JP)_V14_230506', and TL-WR902AC firmware versions prior to 'TL-WR902AC(JP)_V3_230506'.
References
Impacted products
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T16:45:56.666Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.tp-link.com/jp/support/download/tl-wr802n/#Firmware", }, { tags: [ "x_transferred", ], url: "https://www.tp-link.com/jp/support/download/tl-wr841n/v14/#Firmware", }, { tags: [ "x_transferred", ], url: "https://www.tp-link.com/jp/support/download/tl-wr902ac/#Firmware", }, { tags: [ "x_transferred", ], url: "https://jvn.jp/en/vu/JVNVU99392903/", }, ], title: "CVE Program Container", }, { affected: [ { cpes: [ "cpe:2.3:o:tp-link:tl-wr802n_firmware:221008:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "tl-wr802n_firmware", vendor: "tp-link", versions: [ { lessThan: "v4_221008", status: "affected", version: "221008", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:tp-link:tl-wr841n_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "tl-wr841n_firmware", vendor: "tp-link", versions: [ { lessThan: "v14_230506", status: "affected", version: "0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:o:tp-link:tl-wr902ac_firmware:-:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "tl-wr902ac_firmware", vendor: "tp-link", versions: [ { lessThan: "v3_230506", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { other: { content: { id: "CVE-2023-36489", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2024-09-26T19:59:52.304215Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-26T20:03:19.698Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "TL-WR802N", vendor: "TP-LINK", versions: [ { status: "affected", version: "firmware versions prior to 'TL-WR802N(JP)_V4_221008'", }, ], }, { product: "TL-WR841N", vendor: "TP-LINK", versions: [ { status: "affected", version: "firmware versions prior to 'TL-WR841N(JP)_V14_230506'", }, ], }, { product: "TL-WR902AC", vendor: "TP-LINK", versions: [ { status: "affected", version: "firmware versions prior to 'TL-WR902AC(JP)_V3_230506'", }, ], }, ], descriptions: [ { lang: "en", value: "Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: TL-WR802N firmware versions prior to 'TL-WR802N(JP)_V4_221008', TL-WR841N firmware versions prior to 'TL-WR841N(JP)_V14_230506', and TL-WR902AC firmware versions prior to 'TL-WR902AC(JP)_V3_230506'.", }, ], problemTypes: [ { descriptions: [ { description: "OS command injection", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-09-06T09:35:41.575Z", orgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", shortName: "jpcert", }, references: [ { url: "https://www.tp-link.com/jp/support/download/tl-wr802n/#Firmware", }, { url: "https://www.tp-link.com/jp/support/download/tl-wr841n/v14/#Firmware", }, { url: "https://www.tp-link.com/jp/support/download/tl-wr902ac/#Firmware", }, { url: "https://jvn.jp/en/vu/JVNVU99392903/", }, ], }, }, cveMetadata: { assignerOrgId: "ede6fdc4-6654-4307-a26d-3331c018e2ce", assignerShortName: "jpcert", cveId: "CVE-2023-36489", datePublished: "2023-09-06T09:35:41.575Z", dateReserved: "2023-08-15T07:33:33.018Z", dateUpdated: "2024-09-26T20:03:19.698Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-36356
Vulnerability from cvelistv5
Published
2023-06-22 00:00
Modified
2024-12-02 18:41
Severity ?
EPSS score ?
Summary
TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8, TL-WR941ND V5, and TL-WR740N V1/V2 were discovered to contain a buffer read out-of-bounds via the component /userRpm/VirtualServerRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T16:45:56.735Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/4/TL-WR941ND_TL-WR940N_TL-WR740N_userRpm_VirtualServerRpm.md", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2023-36356", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-12-02T18:41:04.980985Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-12-02T18:41:14.566Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8, TL-WR941ND V5, and TL-WR740N V1/V2 were discovered to contain a buffer read out-of-bounds via the component /userRpm/VirtualServerRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-22T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/4/TL-WR941ND_TL-WR940N_TL-WR740N_userRpm_VirtualServerRpm.md", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-36356", datePublished: "2023-06-22T00:00:00", dateReserved: "2023-06-21T00:00:00", dateUpdated: "2024-12-02T18:41:14.566Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-42202
Vulnerability from cvelistv5
Published
2022-10-18 00:00
Modified
2024-08-03 13:03
Severity ?
EPSS score ?
Summary
TP-Link TL-WR841N 8.0 4.17.16 Build 120201 Rel.54750n is vulnerable to Cross Site Scripting (XSS).
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T13:03:45.750Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.yuque.com/docs/share/b85b8c6f-60ea-4d5c-acc5-3c4285806328", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "TP-Link TL-WR841N 8.0 4.17.16 Build 120201 Rel.54750n is vulnerable to Cross Site Scripting (XSS).", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-18T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.yuque.com/docs/share/b85b8c6f-60ea-4d5c-acc5-3c4285806328", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-42202", datePublished: "2022-10-18T00:00:00", dateReserved: "2022-10-03T00:00:00", dateUpdated: "2024-08-03T13:03:45.750Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-33538
Vulnerability from cvelistv5
Published
2023-06-07 00:00
Modified
2025-01-07 14:29
Severity ?
EPSS score ?
Summary
TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm .
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T15:47:05.717Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/3/TL-WR940N_TL-WR841N_userRpm_WlanNetworkRpm_Command_Injection.md", }, ], title: "CVE Program Container", }, { metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "LOW", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, }, { other: { content: { id: "CVE-2023-33538", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-01-07T14:29:23.967954Z", version: "2.0.3", }, type: "ssvc", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-77", description: "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-07T14:29:27.872Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm .", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-06-07T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/3/TL-WR940N_TL-WR841N_userRpm_WlanNetworkRpm_Command_Injection.md", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-33538", datePublished: "2023-06-07T00:00:00", dateReserved: "2023-05-22T00:00:00", dateUpdated: "2025-01-07T14:29:27.872Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }