CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2012-6316 – TP-LINK TL-WR841N 3.13.9 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2012-6316
20 Nov 2012 — Multiple cross-site scripting (XSS) vulnerabilities in the TP-LINK TL-WR841N router with firmware 3.13.9 Build 120201 Rel.54965n and earlier allow remote administrators to inject arbitrary web script or HTML via the (1) username or (2) pwd parameter to userRpm/NoipDdnsRpm.htm. Múltiples vulnerabilidades de XSS en el router TP-LINK TL-WR841N con firmware 3.13.9 Build 120201 Rel.54965n y anteriores permiten a administradores remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro... • https://packetstorm.news/files/id/118237 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 67%CPEs: 2EXPL: 3CVE-2012-5687 – TP-Link Wireless Lite N Access Point Directory Traversal Vulnerability
https://notcve.org/view.php?id=CVE-2012-5687
01 Nov 2012 — Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to the help/ URI. Una vulnerabilidad de salto de directorio en la función de administración web del Router TP-LINK TL-WR841N con firmware v3.13.9 build 120201 Rel.54965n y anteriores permite a atacantes remotos leer archivos de su elección a través de un .. (punto punt... • https://packetstorm.news/files/id/181183 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •