CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2019-6972
https://notcve.org/view.php?id=CVE-2019-6972
An issue was discovered on TP-Link TL-WR1043ND V2 devices. The credentials can be easily decoded and cracked by brute-force, WordList, or Rainbow Table attacks. Specifically, credentials in the "Authorization" cookie are encoded with URL encoding and base64, leading to easy decoding. Also, the username is cleartext, and the password is hashed with the MD5 algorithm (after decoding of the URL encoded string with base64). Se descubrió un problema en los dispositivos TP-Link TL-WR1043ND V2. • https://github.com/MalFuzzer/Vulnerability-Research/blob/master/TL-WR1043ND%20V2%20-%20TP-LINK/TL-WR1043ND_PoC.pdf https://twitter.com/MalFuzzer/status/1141269335685652480?s=19 • CWE-326: Inadequate Encryption Strength •
CVSS: 10.0EPSS: 3%CPEs: 2EXPL: 3CVE-2019-6971 – TP-Link TL-WR1043ND 2 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2019-6971
An issue was discovered on TP-Link TL-WR1043ND V2 devices. An attacker can send a cookie in an HTTP authentication packet to the router management web interface, and fully control the router without knowledge of the credentials. Se detecto un problema en los dispositivos TP-Link TL-WR1043ND V2. Un atacante puede enviar una cookie en un paquete de autenticación HTTP a la interfaz web de administración del enrutador y controlar completamente el enrutador sin el conocimiento de las credenciales. • https://www.exploit-db.com/exploits/47483 https://github.com/MalFuzzer/Vulnerability-Research/blob/master/TL-WR1043ND%20V2%20-%20TP-LINK/TL-WR1043ND_PoC.pdf https://twitter.com/MalFuzzer/status/1141269335685652480?s=19 •
CVSS: 4.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-12195 – TP-LINK TL-WR840N v5 00000005 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-12195
TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name. The attacker must log into the router by breaking the password and going to the admin login page by THC-HYDRA to get the network name. With an XSS payload, the network name changed automatically and the internet connection was disconnected. All the users become disconnected from the internet. Los dispositivos TP-Link TL-WR840N v5 00000005 permiten una vulnerabilidad de tipo XSS por medio del parámetro network name. • https://www.exploit-db.com/exploits/46882 http://packetstormsecurity.com/files/153027/TP-LINK-TL-WR840N-Cross-Site-Scripting.html https://www.tp-link.com/us/security • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2016-10719
https://notcve.org/view.php?id=CVE-2016-10719
TP-Link Archer CR-700 1.0.6 devices have an XSS vulnerability that can be introduced into the admin account through a DHCP request, allowing the attacker to steal the cookie information, which contains the base64 encoded username and password. Los dispositivos TP-Link Archer CR-700 1.0.6 tienen una vulnerabilidad XSS que se puede introducir en la cuenta de administrador a través de una solicitud DHCP, lo que permite al atacante robar la información de la cookie, que contiene el nombre de usuario y la contraseña codificados en base64. • https://packetstormsecurity.com/files/138881/TP-Link-Archer-CR-700-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 1CVE-2018-18489
https://notcve.org/view.php?id=CVE-2018-18489
The ping feature in the Diagnostic functionality on TP-LINK WR840N v2 Firmware 3.16.9 Build 150701 Rel.51516n devices allows remote attackers to cause a denial of service (HTTP service termination) by modifying the packet size to be higher than the UI limit of 1472. La función ping en la funcionalidad de diagnóstico en TP-LINK WR840N v2 Firmware 3.16.9 Build 150701 Rel.51516n podría permitir a los atacantes remotos causar una denegación de servicio (terminación del servicio HTTP) modificando el tamaño del paquete para que sea mayor que el límite de UI de 1472. • https://youtu.be/VGNEYWR9MgY •