PT-2018-11261 · Tp Link · Tp-Link Tl-Wr841N

Publicado

2018-07-02

Atualizado

2018-09-04

CVE-2018-12575

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions TP-Link TL-WR841N version 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n

Description The issue affects all actions in the web interface of the device, allowing bypass of authentication via an HTTP request.

Recommendations For TP-Link TL-WR841N version 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n, consider restricting access to the web interface until a fix is available. As a temporary workaround, limit the exposure of the device to the internet and avoid using the web interface for critical operations. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-287

Identificadores relacionados

CVE-2018-12575

Produtos afetados

Tp-Link Tl-Wr841N

PT-2018-11261 · Tp Link · Tp-Link Tl-Wr841N

CVE-2018-12575

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3