CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 0CVE-2018-12575 – TP-Link TL-WR841N V13 Insecure Direct Object Reference
https://notcve.org/view.php?id=CVE-2018-12575
On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web interface are affected by bypass of authentication via an HTTP request. En dispositivos TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n, todas las acciones en la interfaz web se han visto afectadas por una omisión de autenticación mediante una petición HTTP. TP-Link TL-WR841N v13 suffers from an authentication bypass vulnerability via an insecure direct object reference vulnerability. • https://software-talk.org/blog/2018/06/tplink-wr841n-broken-auth-cve-2018-12575 • CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-12577 – TP-Link TL-WR841N V13 Command Injection
https://notcve.org/view.php?id=CVE-2018-12577
The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection. Las funcionalidades Ping y Traceroute en dispositivos TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n permiten la inyección de comandos ciega autenticada. TP-Link TL-WR841N v13 suffers from a blind command injection vulnerability. • https://software-talk.org/blog/2018/06/tplink-wr841n-code-exec-cve-2018-12577 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-12574 – TP-Link TL-WR841N V13 Cross Site Request Forgery
https://notcve.org/view.php?id=CVE-2018-12574
CSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices. Existe CSRF para todas las acciones en la interfaz web en dispositivos TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n. TP-Link TL-WR841N v13 suffers from cross site request forgery vulnerabilities. • https://software-talk.org/blog/2018/06/tplink-wr841n-csrf-cve-2018-12574 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 26%CPEs: 4EXPL: 2CVE-2018-11714
https://notcve.org/view.php?id=CVE-2018-11714
An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of "Referer: http://192.168.0.1/mainFrame.htm" then no authentication is required for any action. Se ha descubierto un problema en los dispositivos TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n y TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n. Este problema viene provocado por una gestión incorrecta de sesiones en la carpeta /cgi/ o un archivo /cgi. • http://blog.securelayer7.net/time-to-disable-tp-link-home-wifi-router https://www.exploit-db.com/exploits/44781 • CWE-384: Session Fixation •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 1CVE-2012-6276 – TP-Link TL-WA701N / TL-WA701ND - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-6276
Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via the URL parameter. Vulnerabilidad de salto de directorio en el interfaz de gestión web del router TP-LINK TL-WR841N router con firmware v3.13.9 build 120201 Rel.54965n y anteriores, permite a atacantes remotos leer ficheros arbitrarios a través de un parámetro en la URL. • https://www.exploit-db.com/exploits/24504 http://www.kb.cert.org/vuls/id/185100 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •