var-201410-0027
Vulnerability from variot

Multiple cross-site request forgery (CSRF) vulnerabilities on the TP-LINK WR1043N router with firmware TL-WR1043ND_V1_120405 allow remote attackers to hijack the authentication of administrators for requests that (1) enable FTP access (aka "FTP directory traversal") to /tmp via the shareEntire parameter to userRpm/NasFtpCfgRpm.htm, (2) change the FTP administrative password via the nas_admin_pwd parameter to userRpm/NasUserAdvRpm.htm, (3) enable FTP on the WAN interface via the internetA parameter to userRpm/NasFtpCfgRpm.htm, (4) launch the FTP service via the startFtp parameter to userRpm/NasFtpCfgRpm.htm, or (5) enable or disable bandwidth limits via the QoSCtrl parameter to userRpm/QoSCfgRpm.htm. The TP-LINK TL-WR1043ND is a wireless router device. The TP-LINK TL-WR1043ND router has a cross-site request forgery vulnerability that allows remote attackers to build malicious URIs, entice login users to resolve, perform malicious operations in the target user context, change administrator passwords, or enable management services. The TP-Link TL-WR1043N Router is prone to a cross-site request-forgery vulnerability. Attackers can exploit this issue to perform certain administrative actions and gain unauthorized access to the affected device

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201410-0027",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "tp link",
        "version": "tl-wr1043nd_v1_120405"
      },
      {
        "model": "tl-wr1043nd",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "tp link",
        "version": "v1_120405"
      },
      {
        "model": "tl-wr1043nd v1 120405",
        "scope": null,
        "trust": 0.6,
        "vendor": "tp link",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04055"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006658"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-533"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2645"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:tp-link:tl-wr1043nd_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006658"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Jacob Holcomb, Independent Security Evaluators",
    "sources": [
      {
        "db": "BID",
        "id": "59442"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-533"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2013-2645",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2013-2645",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "ADJACENT_NETWORK",
            "authentication": "SINGLE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 2.3,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 4.4,
            "id": "CNVD-2013-04055",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.6,
            "vectorString": "AV:A/AC:M/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "VHN-62647",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-2645",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-2645",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2013-04055",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201304-533",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-62647",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04055"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62647"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006658"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-533"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2645"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple cross-site request forgery (CSRF) vulnerabilities on the TP-LINK WR1043N router with firmware TL-WR1043ND_V1_120405 allow remote attackers to hijack the authentication of administrators for requests that (1) enable FTP access (aka \"FTP directory traversal\") to /tmp via the shareEntire parameter to userRpm/NasFtpCfgRpm.htm, (2) change the FTP administrative password via the nas_admin_pwd parameter to userRpm/NasUserAdvRpm.htm, (3) enable FTP on the WAN interface via the internetA parameter to userRpm/NasFtpCfgRpm.htm, (4) launch the FTP service via the startFtp parameter to userRpm/NasFtpCfgRpm.htm, or (5) enable or disable bandwidth limits via the QoSCtrl parameter to userRpm/QoSCfgRpm.htm. The TP-LINK TL-WR1043ND is a wireless router device. The TP-LINK TL-WR1043ND router has a cross-site request forgery vulnerability that allows remote attackers to build malicious URIs, entice login users to resolve, perform malicious operations in the target user context, change administrator passwords, or enable management services. The TP-Link TL-WR1043N Router is prone to a cross-site request-forgery vulnerability. \nAttackers can exploit this issue to perform certain administrative  actions and gain unauthorized access to the affected device",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-2645"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006658"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-04055"
      },
      {
        "db": "BID",
        "id": "59442"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62647"
      }
    ],
    "trust": 2.52
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-62647",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-62647"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2013-2645",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "59442",
        "trust": 1.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006658",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-533",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2013-04055",
        "trust": 0.6
      },
      {
        "db": "EXPLOIT-DB",
        "id": "38492",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-62647",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04055"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62647"
      },
      {
        "db": "BID",
        "id": "59442"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006658"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-533"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2645"
      }
    ]
  },
  "id": "VAR-201410-0027",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04055"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62647"
      }
    ],
    "trust": 1.3857143
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04055"
      }
    ]
  },
  "last_update_date": "2024-08-14T15:44:46.148000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "TL-WR1043ND",
        "trust": 0.8,
        "url": "http://www.tp-link.com/lk/search/?keywords=WR1043N"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006658"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-352",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-62647"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006658"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2645"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://securityevaluators.com/knowledge/case_studies/routers/tp-link_wr1043n.php"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2645"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2645"
      },
      {
        "trust": 0.6,
        "url": "http://news.cnet.com/8301-1009_3-57579981-83/top-wi-fi-routers-easy-to-hack-says-study/"
      },
      {
        "trust": 0.6,
        "url": "http://securityevaluators.com/content/case-studies/routers/soho_router_hacks.jsp"
      },
      {
        "trust": 0.6,
        "url": "http://securityevaluators.com/content/case-studies/routers/tp-link_wr1043n.jsp"
      },
      {
        "trust": 0.6,
        "url": "http://www.securityfocus.com/bid/59442"
      },
      {
        "trust": 0.3,
        "url": "http://www.tp-link.com/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04055"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62647"
      },
      {
        "db": "BID",
        "id": "59442"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006658"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-533"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2645"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2013-04055"
      },
      {
        "db": "VULHUB",
        "id": "VHN-62647"
      },
      {
        "db": "BID",
        "id": "59442"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006658"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-533"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-2645"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-04-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-04055"
      },
      {
        "date": "2014-10-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-62647"
      },
      {
        "date": "2013-04-24T00:00:00",
        "db": "BID",
        "id": "59442"
      },
      {
        "date": "2014-10-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-006658"
      },
      {
        "date": "2013-04-25T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201304-533"
      },
      {
        "date": "2014-10-06T01:55:07.727000",
        "db": "NVD",
        "id": "CVE-2013-2645"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-04-24T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2013-04055"
      },
      {
        "date": "2014-10-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-62647"
      },
      {
        "date": "2013-04-24T00:00:00",
        "db": "BID",
        "id": "59442"
      },
      {
        "date": "2014-10-07T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-006658"
      },
      {
        "date": "2015-04-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201304-533"
      },
      {
        "date": "2014-10-06T18:50:36.540000",
        "db": "NVD",
        "id": "CVE-2013-2645"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-533"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "TP-LINK WR1043ND Cross-site request forgery vulnerability in router firmware",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-006658"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "cross-site request forgery",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201304-533"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.