6 results (0.007 seconds)

CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-5393 – TP-Link EAP Controller versions 2.5.3 and earlier lack RMI authentication

https://notcve.org/view.php?id=CVE-2018-5393

The TP-LINK EAP Controller is TP-LINK's software for remotely controlling wireless access point devices. It utilizes a Java remote method invocation (RMI) service for remote control. The RMI interface does not require any authentication before use, so it lacks user authentication for RMI service commands in EAP controller versions 2.5.3 and earlier. Remote attackers can implement deserialization attacks through the RMI protocol. Successful attacks may allow a remote attacker to remotely control the target server and execute Java functions or bytecode. • http://www.securityfocus.com/bid/105402 https://www.kb.cert.org/vuls/id/581311 • CWE-306: Missing Authentication for Critical Function •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1

CVE-2018-10167 – TP-Link EAP Controller CSRF / Hard-Coded Key / XSS

https://notcve.org/view.php?id=CVE-2018-10167

The web application backup file in the TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows is encrypted with a hard-coded cryptographic key, so anyone who knows that key and the algorithm can decrypt it. A low-privilege user could decrypt and modify the backup file in order to elevate their privileges. This is fixed in version 2.6.1_Windows. El archivo de copia de seguridad de la aplicación web en TP-Link EAP Controller y Omada Controller en versiones 2.5.4_Windows/2.6.0_Windows está cifrado con una clave criptográfica embebida, por lo que cualquiera que conozca dicha clave y el algoritmo puede descifrarlo. Un usuario con pocos privilegios puede descifrar y modificar el archivo de copia de seguridad para elevar sus privilegios. • http://www.securityfocus.com/bid/104094 https://www.coresecurity.com/advisories/tp-link-eap-controller-multiple-vulnerabilities • CWE-798: Use of Hard-coded Credentials •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1

CVE-2018-10168 – TP-Link EAP Controller CSRF / Hard-Coded Key / XSS

https://notcve.org/view.php?id=CVE-2018-10168

TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows do not control privileges for usage of the Web API, allowing a low-privilege user to make any request as an Administrator. This is fixed in version 2.6.1_Windows. TP-Link EAP Controller y Omada Controller en versiones 2.5.4_Windows/2.6.0_Windows no controlan los privilegios para el uso de la API web, lo que permite que un usuario con pocos privilegios realice cualquier petición como Administrador. Esto se ha solucionado en la versión 2.6.1_Windows. TP-Link EAP suffers from hard-coded credential, cross site request forgery, cross site scripting, and other vulnerabilities. • http://www.securityfocus.com/bid/104094 https://www.coresecurity.com/advisories/tp-link-eap-controller-multiple-vulnerabilities • CWE-269: Improper Privilege Management •

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1

CVE-2018-10166 – TP-Link EAP Controller CSRF / Hard-Coded Key / XSS

https://notcve.org/view.php?id=CVE-2018-10166

The web management interface in the TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows does not have Anti-CSRF tokens in any forms. This would allow an attacker to submit authenticated requests when an authenticated user browses an attack-controlled domain. This is fixed in version 2.6.1_Windows. La interfaz web de gestión en TP-Link EAP Controller y Omada Controller en versiones 2.5.4_Windows/2.6.0_Windows no tiene tokens Anti-CSRF en ningún formulario. Esto permitiría que un atacante envíe peticiones autenticadas cuando un usuario autenticado navega por un dominio controlado por un atacante. • http://www.securityfocus.com/bid/104094 https://www.coresecurity.com/advisories/tp-link-eap-controller-multiple-vulnerabilities • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 1

CVE-2018-10165 – TP-Link EAP Controller CSRF / Hard-Coded Key / XSS

https://notcve.org/view.php?id=CVE-2018-10165

Stored Cross-site scripting (XSS) vulnerability in the TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows allows authenticated attackers to inject arbitrary web script or HTML via the userName parameter in the local user creation functionality. This is fixed in version 2.6.1_Windows. Vulnerabilidad Cross-Site Scripting (XSS) persistente en TP-Link EAP Controller y Omada Controller en versiones 2.5.4_Windows/2.6.0_Windows permite que atacantes autenticados inyecten scripts web o HTML arbitrarios mediante el parámetro userName en la funcionalidad de creación de usuarios locales. Esto se ha solucionado en la versión 2.6.1_Windows. TP-Link EAP suffers from hard-coded credential, cross site request forgery, cross site scripting, and other vulnerabilities. • http://www.securityfocus.com/bid/104094 https://www.coresecurity.com/advisories/tp-link-eap-controller-multiple-vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •