CVE-2020-35575
TP-Link TL-WR841N Command Injection
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices.
Un problema de divulgación de contraseña en la interfaz web de determinados dispositivos TP-Link permite a un atacante remoto obtener acceso administrativo completo al panel web. Esto afecta a los dispositivos WA901ND versiones anteriores a 3.16.9(201211) beta, y los dispositivos Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR840249N, WR840249N, Dispositivos WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N y WRD4300
TP-Link TL-WR841N suffers from a remote command injection vulnerability.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2020-12-20 CVE Reserved
- 2020-12-26 CVE Published
- 2024-04-30 EPSS Updated
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| https://pastebin.com/F8AuUdck | Third Party Advisory | |
| https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot%28201211%29.zip | X_refsource_misc |
| URL | Date | SRC |
|---|---|---|
| http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html | 2024-08-04 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.tp-link.com/us/security | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Tp-link Search vendor "Tp-link" | Wa901nd Firmware Search vendor "Tp-link" for product "Wa901nd Firmware" | < 3.16.9\(201211\)_beta Search vendor "Tp-link" for product "Wa901nd Firmware" and version " < 3.16.9\(201211\)_beta" | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wa901nd Search vendor "Tp-link" for product "Wa901nd" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Archer C5 Firmware Search vendor "Tp-link" for product "Archer C5 Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Archer C5 Search vendor "Tp-link" for product "Archer C5" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Archer C7 Firmware Search vendor "Tp-link" for product "Archer C7 Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Archer C7 Search vendor "Tp-link" for product "Archer C7" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Mr3420 Firmware Search vendor "Tp-link" for product "Mr3420 Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Mr3420 Search vendor "Tp-link" for product "Mr3420" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Mr6400 Firmware Search vendor "Tp-link" for product "Mr6400 Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Mr6400 Search vendor "Tp-link" for product "Mr6400" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wa701nd Firmware Search vendor "Tp-link" for product "Wa701nd Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wa701nd Search vendor "Tp-link" for product "Wa701nd" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wa801nd Firmware Search vendor "Tp-link" for product "Wa801nd Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wa801nd Search vendor "Tp-link" for product "Wa801nd" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wdr3500 Firmware Search vendor "Tp-link" for product "Wdr3500 Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wdr3500 Search vendor "Tp-link" for product "Wdr3500" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wdr3600 Firmware Search vendor "Tp-link" for product "Wdr3600 Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wdr3600 Search vendor "Tp-link" for product "Wdr3600" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | We843n Firmware Search vendor "Tp-link" for product "We843n Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | We843n Search vendor "Tp-link" for product "We843n" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wr1043nd Firmware Search vendor "Tp-link" for product "Wr1043nd Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wr1043nd Search vendor "Tp-link" for product "Wr1043nd" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wr1045nd Firmware Search vendor "Tp-link" for product "Wr1045nd Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wr1045nd Search vendor "Tp-link" for product "Wr1045nd" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wr740n Firmware Search vendor "Tp-link" for product "Wr740n Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wr740n Search vendor "Tp-link" for product "Wr740n" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wr741nd Firmware Search vendor "Tp-link" for product "Wr741nd Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wr741nd Search vendor "Tp-link" for product "Wr741nd" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wr749n Firmware Search vendor "Tp-link" for product "Wr749n Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wr749n Search vendor "Tp-link" for product "Wr749n" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wr802n Firmware Search vendor "Tp-link" for product "Wr802n Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wr802n Search vendor "Tp-link" for product "Wr802n" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wr840n Firmware Search vendor "Tp-link" for product "Wr840n Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wr840n Search vendor "Tp-link" for product "Wr840n" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wr841hp Firmware Search vendor "Tp-link" for product "Wr841hp Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wr841hp Search vendor "Tp-link" for product "Wr841hp" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wr841n Firmware Search vendor "Tp-link" for product "Wr841n Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wr841n Search vendor "Tp-link" for product "Wr841n" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wr842n Firmware Search vendor "Tp-link" for product "Wr842n Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wr842n Search vendor "Tp-link" for product "Wr842n" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wr842nd Firmware Search vendor "Tp-link" for product "Wr842nd Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wr842nd Search vendor "Tp-link" for product "Wr842nd" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wr845n Firmware Search vendor "Tp-link" for product "Wr845n Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wr845n Search vendor "Tp-link" for product "Wr845n" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wr940n Firmware Search vendor "Tp-link" for product "Wr940n Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wr940n Search vendor "Tp-link" for product "Wr940n" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wr941hp Firmware Search vendor "Tp-link" for product "Wr941hp Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wr941hp Search vendor "Tp-link" for product "Wr941hp" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wr945n Firmware Search vendor "Tp-link" for product "Wr945n Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wr945n Search vendor "Tp-link" for product "Wr945n" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wr949n Firmware Search vendor "Tp-link" for product "Wr949n Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wr949n Search vendor "Tp-link" for product "Wr949n" | - | - |
Safe
|
| Tp-link Search vendor "Tp-link" | Wrd4300 Firmware Search vendor "Tp-link" for product "Wrd4300 Firmware" | - | - |
Affected
| in | Tp-link Search vendor "Tp-link" | Wrd4300 Search vendor "Tp-link" for product "Wrd4300" | - | - |
Safe
|