CVE-2012-5687

Name of the Vulnerable Software and Affected Versions TP-LINK TL-WR841N router versions 3.13.9 build 120201 Rel.54965n and earlier

Description A directory traversal issue exists in the web-based management feature, allowing remote attackers to read arbitrary files by including a .. (dot dot) in the PATH INFO to the "help/" URI.

Recommendations For TP-LINK TL-WR841N router versions 3.13.9 build 120201 Rel.54965n and earlier, consider restricting access to the web-based management feature until a fix is available. As a temporary workaround, avoid using the "help/" URI with untrusted input. At the moment, there is no information about a newer version that contains a fix for this vulnerability.