PT-2018-11261 · Tp Link · Tp-Link Tl-Wr841N

Published

2018-07-02

Updated

2018-09-04

CVE-2018-12575

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions TP-Link TL-WR841N version 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n

Description The issue affects all actions in the web interface of the device, allowing bypass of authentication via an HTTP request.

Recommendations For TP-Link TL-WR841N version 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n, consider restricting access to the web interface until a fix is available. As a temporary workaround, limit the exposure of the device to the internet and avoid using the web interface for critical operations. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2018-12575

Affected Products

Tp-Link Tl-Wr841N

PT-2018-11261 · Tp Link · Tp-Link Tl-Wr841N

CVE-2018-12575

Weakness Enumeration

Related Identifiers

Affected Products

References · 3