CVSS: 7.5EPSS: 2%CPEs: 8EXPL: 4CVE-2013-2572 – TP-Link IP Cameras Firmware 1.6.18P12 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-2572
28 May 2013 — A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files. Se presenta una vulnerabilidad de Omisión de Seguridad en TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, y 3130 versiones 1.6.18P12, debido a credenciales predeterminadas embebidas para la interfaz web administrativa, lo que podría ... • https://packetstorm.news/files/id/121788 • CWE-798: Use of Hard-coded Credentials •
CVSS: 10.0EPSS: 13%CPEs: 6EXPL: 3CVE-2013-2573 – TP-Link IP Cameras Firmware 1.6.18P12 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2013-2573
28 May 2013 — A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a malicious user execute arbitrary code. Se presenta una vulnerabilidad de Inyección de Comandos en el parámetro ap del archivo /cgi-bin/mft/wireless_mft.cgi en TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. y 4171G versión 1.6.18P12s, que podría permitir a un usuario malicioso ejecutar código arbitrario. TP-Lin... • https://packetstorm.news/files/id/121788 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2012-6276 – TP-Link TL-WA701N / TL-WA701ND - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-6276
26 Jan 2013 — Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via the URL parameter. Vulnerabilidad de salto de directorio en el interfaz de gestión web del router TP-LINK TL-WR841N router con firmware v3.13.9 build 120201 Rel.54965n y anteriores, permite a atacantes remotos leer ficheros arbitrarios a través de un parámetro en la URL. • https://www.exploit-db.com/exploits/24504 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.8EPSS: 30%CPEs: 2EXPL: 3CVE-2012-5687 – TP-Link TL-WA701N / TL-WA701ND - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2012-5687
01 Nov 2012 — Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to the help/ URI. Una vulnerabilidad de salto de directorio en la función de administración web del Router TP-LINK TL-WR841N con firmware v3.13.9 build 120201 Rel.54965n y anteriores permite a atacantes remotos leer archivos de su elección a través de un .. (punto punt... • https://packetstorm.news/files/id/181183 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2012-2440
https://notcve.org/view.php?id=CVE-2012-2440
28 Apr 2012 — The default configuration of the TP-Link 8840T router enables web-based administration on the WAN interface, which allows remote attackers to establish an HTTP connection and possibly have unspecified other impact via unknown vectors. La configuración por defecto del router TP-Link 8840T permite la administración basada en web en la interfaz WAN, lo que permite establecer una conexión HTTP a atacantes remotos y posiblemente tener un impacto no especificado a través de vectores desconocidos. • http://www.kb.cert.org/vuls/id/834723 • CWE-264: Permissions, Privileges, and Access Controls •