Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
8 vulnerabilities by tplink
VAR-201810-0173
Vulnerability from variot - Updated: 2023-12-26 22:57TP-Link TL-SC3130 1.6.18P12_121101 devices allow unauthenticated RTSP stream access, as demonstrated by a /jpg/image.jpg URI. TP-Link TL-SC3130 The device contains an information disclosure vulnerability.Information may be obtained. The TP-LinkTL-SC3130 is an IP network camera from China Unicom (TP-LINK). There is a security vulnerability in the TP-LinkTL-SC31301.6.18 version. An attacker could exploit this vulnerability to divulge real-time RTSP streams. The TL-SC3130G surveillance camera is a versatile solution foryour home and office monitoring, whose 54Mbps wireless connectivity enablesyou to deploy the camera where inaccessible previously by Ethernet connectionsuch as ceiling and walls. This camera can be placed in your living room,office, or anywhere else you would like to keep an eye on things. After ahassle-free installation, you can view and control the camera from a Webbrowser, bundled software, or compatible cell phone. Besides basic monitoringtools such as motion detection and E-mail alerts which is motion triggeredsending an alert when the camera detects movement, advanced features ofhigh availability are also added, such as 2-way audio, dual streaming,and 3GPP compatibility, even the error detection tool 'Ping Watch Dog',making TL-SC3130G an excellent indoor surveillance solution.The TP-Link TL-SC3130 suffers from an unauthenticated and unauthorizedlive RTSP stream disclosure.Tested on: Boa/0.94.14rc21
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201810-0173",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tl-sc3130",
"scope": "eq",
"trust": 1.8,
"vendor": "tp link",
"version": "1.6.18p12_121101"
},
{
"model": "tl-sc3130",
"scope": "eq",
"trust": 0.6,
"vendor": "tp link",
"version": "1.6.18"
},
{
"model": "tp-link tl-sc",
"scope": "eq",
"trust": 0.1,
"vendor": "tplink",
"version": "1.6.18p12_121101"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2018-5497"
},
{
"db": "CNVD",
"id": "CNVD-2018-21628"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013712"
},
{
"db": "NVD",
"id": "CVE-2018-18428"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:tp-link:tl-sc3130_firmware:1.6.18p12_121101:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:tp-link:tl-sc3130:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2018-18428"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Vulnerability discovered by Gjoko Krstic",
"sources": [
{
"db": "ZSL",
"id": "ZSL-2018-5497"
}
],
"trust": 0.1
},
"cve": "CVE-2018-18428",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 5.0,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2018-18428",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2018-21628",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-128986",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.5,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2018-18428",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2018-18428",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2018-21628",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201810-1055",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "ZSL",
"id": "ZSL-2018-5497",
"trust": 0.1,
"value": "(3/5)"
},
{
"author": "VULHUB",
"id": "VHN-128986",
"trust": 0.1,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2018-18428",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2018-5497"
},
{
"db": "CNVD",
"id": "CNVD-2018-21628"
},
{
"db": "VULHUB",
"id": "VHN-128986"
},
{
"db": "VULMON",
"id": "CVE-2018-18428"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013712"
},
{
"db": "NVD",
"id": "CVE-2018-18428"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1055"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TP-Link TL-SC3130 1.6.18P12_121101 devices allow unauthenticated RTSP stream access, as demonstrated by a /jpg/image.jpg URI. TP-Link TL-SC3130 The device contains an information disclosure vulnerability.Information may be obtained. The TP-LinkTL-SC3130 is an IP network camera from China Unicom (TP-LINK). There is a security vulnerability in the TP-LinkTL-SC31301.6.18 version. An attacker could exploit this vulnerability to divulge real-time RTSP streams. The TL-SC3130G surveillance camera is a versatile solution foryour home and office monitoring, whose 54Mbps wireless connectivity enablesyou to deploy the camera where inaccessible previously by Ethernet connectionsuch as ceiling and walls. This camera can be placed in your living room,office, or anywhere else you would like to keep an eye on things. After ahassle-free installation, you can view and control the camera from a Webbrowser, bundled software, or compatible cell phone. Besides basic monitoringtools such as motion detection and E-mail alerts which is motion triggeredsending an alert when the camera detects movement, advanced features ofhigh availability are also added, such as 2-way audio, dual streaming,and 3GPP compatibility, even the error detection tool \u0027Ping Watch Dog\u0027,making TL-SC3130G an excellent indoor surveillance solution.The TP-Link TL-SC3130 suffers from an unauthenticated and unauthorizedlive RTSP stream disclosure.Tested on: Boa/0.94.14rc21",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-18428"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013712"
},
{
"db": "CNVD",
"id": "CNVD-2018-21628"
},
{
"db": "ZSL",
"id": "ZSL-2018-5497"
},
{
"db": "VULHUB",
"id": "VHN-128986"
},
{
"db": "VULMON",
"id": "CVE-2018-18428"
}
],
"trust": 2.43
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.zeroscience.mk/codes/tplink_tlsc3130_stream.txt",
"trust": 0.1,
"type": "poc"
},
{
"reference": "https://vulmon.com/exploitdetails?qidtp=exploitdb\u0026qid=45632",
"trust": 0.1,
"type": "exploit"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2018-5497"
},
{
"db": "VULMON",
"id": "CVE-2018-18428"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-18428",
"trust": 3.3
},
{
"db": "PACKETSTORM",
"id": "149843",
"trust": 2.7
},
{
"db": "EXPLOIT-DB",
"id": "45632",
"trust": 1.9
},
{
"db": "ZSL",
"id": "ZSL-2018-5497",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013712",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1055",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2018-21628",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-128986",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2018-18428",
"trust": 0.1
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2018-5497"
},
{
"db": "CNVD",
"id": "CNVD-2018-21628"
},
{
"db": "VULHUB",
"id": "VHN-128986"
},
{
"db": "VULMON",
"id": "CVE-2018-18428"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013712"
},
{
"db": "NVD",
"id": "CVE-2018-18428"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1055"
}
]
},
"id": "VAR-201810-0173",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-21628"
},
{
"db": "VULHUB",
"id": "VHN-128986"
}
],
"trust": 0.06999999999999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-21628"
}
]
},
"last_update_date": "2023-12-26T22:57:58.973000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "http://www.tp-link.com"
},
{
"title": "https://github.com/Samsung/cotopaxi",
"trust": 0.1,
"url": "https://github.com/samsung/cotopaxi "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2018-18428"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013712"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-128986"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013712"
},
{
"db": "NVD",
"id": "CVE-2018-18428"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.1,
"url": "https://packetstormsecurity.com/files/149843"
},
{
"trust": 2.0,
"url": "https://www.exploit-db.com/exploits/45632/"
},
{
"trust": 1.8,
"url": "https://www.zeroscience.mk/en/vulnerabilities/zsl-2018-5497.php"
},
{
"trust": 1.5,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-18428"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-18428"
},
{
"trust": 0.6,
"url": "http://packetstormsecurity.com/files/149843/tp-link-tl-sc3130-1.6.18-unauthenticated-rtsp-stream-disclosure.html"
},
{
"trust": 0.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/151628"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://github.com/samsung/cotopaxi"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2018-5497"
},
{
"db": "CNVD",
"id": "CNVD-2018-21628"
},
{
"db": "VULHUB",
"id": "VHN-128986"
},
{
"db": "VULMON",
"id": "CVE-2018-18428"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013712"
},
{
"db": "NVD",
"id": "CVE-2018-18428"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1055"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZSL",
"id": "ZSL-2018-5497"
},
{
"db": "CNVD",
"id": "CNVD-2018-21628"
},
{
"db": "VULHUB",
"id": "VHN-128986"
},
{
"db": "VULMON",
"id": "CVE-2018-18428"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-013712"
},
{
"db": "NVD",
"id": "CVE-2018-18428"
},
{
"db": "CNNVD",
"id": "CNNVD-201810-1055"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-17T00:00:00",
"db": "ZSL",
"id": "ZSL-2018-5497"
},
{
"date": "2018-10-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-21628"
},
{
"date": "2018-10-19T00:00:00",
"db": "VULHUB",
"id": "VHN-128986"
},
{
"date": "2018-10-19T00:00:00",
"db": "VULMON",
"id": "CVE-2018-18428"
},
{
"date": "2019-02-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013712"
},
{
"date": "2018-10-19T22:29:02.117000",
"db": "NVD",
"id": "CVE-2018-18428"
},
{
"date": "2018-10-19T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-1055"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-20T00:00:00",
"db": "ZSL",
"id": "ZSL-2018-5497"
},
{
"date": "2018-10-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-21628"
},
{
"date": "2019-01-23T00:00:00",
"db": "VULHUB",
"id": "VHN-128986"
},
{
"date": "2019-01-23T00:00:00",
"db": "VULMON",
"id": "CVE-2018-18428"
},
{
"date": "2019-02-28T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-013712"
},
{
"date": "2019-01-23T17:04:24.593000",
"db": "NVD",
"id": "CVE-2018-18428"
},
{
"date": "2019-02-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201810-1055"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-1055"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TP-Link TL-SC3130 Information disclosure vulnerability in devices",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-013712"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201810-1055"
}
],
"trust": 0.6
}
}
VAR-201910-1350
Vulnerability from variot - Updated: 2023-12-18 13:47TP-Link TL-WDR4300 version 3.13.31 has multiple CSRF vulnerabilities. TP-Link TL-WDR4300 Contains a cross-site request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The TP-Link TL-WDR4300 is a wireless router from China's TP-Link.
A cross-site request forgery vulnerability exists in version 3.13.31 of TP-Link TL-WDR4300. The vulnerability stems from the fact that the WEB application does not fully verify whether the request is from a trusted user. The vulnerability can be exploited by an attacker to send an unexpected response to the server through the affected client. Request. Exploiting these issues may allow a remote attacker to perform certain unauthorized actions and compromise the affected device
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201910-1350",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tl-wdr4300",
"scope": "eq",
"trust": 2.7,
"vendor": "tp link",
"version": "3.13.31"
},
{
"model": "tp-link tl-wdr4300",
"scope": "eq",
"trust": 0.6,
"vendor": "tplink",
"version": "3.13.31"
},
{
"model": "tl-wdr4300",
"scope": "eq",
"trust": 0.6,
"vendor": "tp link",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-40473"
},
{
"db": "BID",
"id": "62884"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006858"
},
{
"db": "NVD",
"id": "CVE-2013-4848"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1502"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:tp-link:tl-wdr4300_firmware:3.13.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:tp-link:tl-wdr4300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4848"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jacob Holcomb of Independent Security Evaluators.",
"sources": [
{
"db": "BID",
"id": "62884"
}
],
"trust": 0.3
},
"cve": "CVE-2013-4848",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-4848",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2019-40473",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2013-4848",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-4848",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2019-40473",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201910-1502",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-40473"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006858"
},
{
"db": "NVD",
"id": "CVE-2013-4848"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1502"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TP-Link TL-WDR4300 version 3.13.31 has multiple CSRF vulnerabilities. TP-Link TL-WDR4300 Contains a cross-site request forgery vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The TP-Link TL-WDR4300 is a wireless router from China\u0027s TP-Link. \n\nA cross-site request forgery vulnerability exists in version 3.13.31 of TP-Link TL-WDR4300. The vulnerability stems from the fact that the WEB application does not fully verify whether the request is from a trusted user. The vulnerability can be exploited by an attacker to send an unexpected response to the server through the affected client. Request. \nExploiting these issues may allow a remote attacker to perform certain unauthorized actions and compromise the affected device",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4848"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006858"
},
{
"db": "CNVD",
"id": "CNVD-2019-40473"
},
{
"db": "BID",
"id": "62884"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-4848",
"trust": 3.3
},
{
"db": "BID",
"id": "62884",
"trust": 2.5
},
{
"db": "VULDB",
"id": "10495",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006858",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-40473",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1502",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-40473"
},
{
"db": "BID",
"id": "62884"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006858"
},
{
"db": "NVD",
"id": "CVE-2013-4848"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1502"
}
]
},
"id": "VAR-201910-1350",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-40473"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-40473"
}
]
},
"last_update_date": "2023-12-18T13:47:48.256000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "TL-WDR4300",
"trust": 0.8,
"url": "https://www.tp-link.com/us/home-networking/wifi-router/tl-wdr4300/"
},
{
"title": "Patch for TP-Link TL-WDR4300 Cross-Site Request Forgery Vulnerability (CNVD-2019-40473)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/189887"
},
{
"title": "TP-Link TL-WDR4300 Fixes for cross-site request forgery vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=101405"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-40473"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006858"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1502"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006858"
},
{
"db": "NVD",
"id": "CVE-2013-4848"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://vuldb.com/?id.10495"
},
{
"trust": 2.2,
"url": "https://www.ise.io/wp-content/uploads/2017/06/soho_defcon21.pdf"
},
{
"trust": 1.6,
"url": "https://www.ise.io/casestudies/exploiting-soho-routers/"
},
{
"trust": 1.6,
"url": "https://www.ise.io/soho_service_hacks/"
},
{
"trust": 1.6,
"url": "https://www.securityfocus.com/bid/62884/info"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4848"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4848"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/bid/62884"
},
{
"trust": 0.3,
"url": "http://www.tp-link.com/en/products/details/?model=tl-wdr4300#down"
},
{
"trust": 0.3,
"url": "http://www.tp-link.com/"
},
{
"trust": 0.3,
"url": "http://securityevaluators.com/content/case-studies/routers/vulnerability_catalog.pdf"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-40473"
},
{
"db": "BID",
"id": "62884"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006858"
},
{
"db": "NVD",
"id": "CVE-2013-4848"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1502"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-40473"
},
{
"db": "BID",
"id": "62884"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006858"
},
{
"db": "NVD",
"id": "CVE-2013-4848"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1502"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-40473"
},
{
"date": "2013-07-26T00:00:00",
"db": "BID",
"id": "62884"
},
{
"date": "2019-10-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006858"
},
{
"date": "2019-10-25T17:15:10.663000",
"db": "NVD",
"id": "CVE-2013-4848"
},
{
"date": "2019-10-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201910-1502"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-13T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-40473"
},
{
"date": "2013-07-26T00:00:00",
"db": "BID",
"id": "62884"
},
{
"date": "2019-10-31T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006858"
},
{
"date": "2019-10-28T18:58:52.680000",
"db": "NVD",
"id": "CVE-2013-4848"
},
{
"date": "2019-10-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201910-1502"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201910-1502"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TP-Link TL-WDR4300 Vulnerable to cross-site request forgery",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006858"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201910-1502"
}
],
"trust": 0.6
}
}
VAR-201412-0139
Vulnerability from variot - Updated: 2023-12-18 12:51TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a "new" value in the isNew parameter to PingIframeRpm.htm. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. http://cwe.mitre.org/data/definitions/19.htmlService disruption by a third party (httpd crash ) There is a possibility of being put into a state. The TP-LINK TL-WR740N is a wireless router device. TP-Link TL-WR740N is prone to a denial-of-service vulnerability. The TL-WR740N is a combined wired/wireless network connection device integrated with internet-sharing router and 4-port switch. The wireless N Router is 802.11b&g compatible based on 802.11n technology and gives you 802.11n performance up to 150Mbps at an even more affordable price. Bordering on 11n and surpassing 11g speed enables high bandwidth consuming applications like video streaming to be more fluid.The TP-Link WR740N Wireless N Router network device is exposed to adenial of service vulnerability when processing a HTTP GET request. Thisissue occurs when the web server (httpd) fails to handle a HTTP GET requestover a given default TCP port 80. Resending the value 'new' to the 'isNew'parameter in 'PingIframeRpm.htm' script to the router thru a proxy willcrash its httpd service denying the legitimate users access to the admincontrol panel management interface. To bring back the http srv and theadmin UI, a user must physically reboot the router.Tested on: Router Webserver. A security vulnerability exists in the PingIframeRpm.htm script of TP-LINK TL-WR740N. The following versions are affected: TP-LINK TL-WR740N version 4 using firmware versions 3.17.0 Build 140520, 3.16.6 Build 130529 and 3.16.4 Build 130205
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201412-0139",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tl-wr740n",
"scope": "eq",
"trust": 2.1,
"vendor": "tp link",
"version": "4"
},
{
"model": "tl-wr740n",
"scope": "eq",
"trust": 1.6,
"vendor": "tp link",
"version": "3.16.4"
},
{
"model": "tl-wr740n",
"scope": "eq",
"trust": 1.6,
"vendor": "tp link",
"version": "3.17.0"
},
{
"model": "tl-wr740n",
"scope": "eq",
"trust": 1.6,
"vendor": "tp link",
"version": "3.16.6"
},
{
"model": "tl-wr740n",
"scope": "eq",
"trust": 0.8,
"vendor": "tp link",
"version": "3.16.4 build 130205"
},
{
"model": "tl-wr740n",
"scope": "eq",
"trust": 0.8,
"vendor": "tp link",
"version": "3.16.6 build 130529"
},
{
"model": "tl-wr740n",
"scope": "eq",
"trust": 0.8,
"vendor": "tp link",
"version": "3.17.0 build 140520"
},
{
"model": "tl-wr740n",
"scope": null,
"trust": 0.6,
"vendor": "tp link",
"version": null
},
{
"model": "tl-wr740n",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "3.17.0140520"
},
{
"model": "tl-wr740n",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "3.16.6130529"
},
{
"model": "tl-wr740n",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "3.16.4130205"
},
{
"model": "tl-wr740n",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "4.23"
},
{
"model": "tl-wr740n build",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "3.17.0140520"
},
{
"model": "tl-wr740n build",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "3.16.6130529"
},
{
"model": "tl-wr740n build",
"scope": "eq",
"trust": 0.3,
"vendor": "tp link",
"version": "3.16.4130205"
},
{
"model": "tp-link tl-wr",
"scope": "eq",
"trust": 0.1,
"vendor": "tplink",
"version": "firmware version: 3.17.0 build 140520 rel.75075n (released: 5/20/2014)"
},
{
"model": "tp-link tl-wr",
"scope": "eq",
"trust": 0.1,
"vendor": "tplink",
"version": "firmware version: 3.16.6 build 130529 rel.47286n (released: 5/29/2013)"
},
{
"model": "tp-link tl-wr",
"scope": "eq",
"trust": 0.1,
"vendor": "tplink",
"version": "firmware version: 3.16.4 build 130205 rel.63875n (released: 2/5/2013)"
},
{
"model": "tp-link tl-wr",
"scope": "eq",
"trust": 0.1,
"vendor": "tplink",
"version": "hardware version: wr740n v4 00000000 (v4.23)"
},
{
"model": "tp-link tl-wr",
"scope": "eq",
"trust": 0.1,
"vendor": "tplink",
"version": "model no. tl-wr740n / tl-wr740nd"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2014-5210"
},
{
"db": "CNVD",
"id": "CNVD-2014-08509"
},
{
"db": "BID",
"id": "77725"
},
{
"db": "BID",
"id": "71255"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005843"
},
{
"db": "NVD",
"id": "CVE-2014-9350"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-466"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:tp-link:tl-wr740n_firmware:3.16.6:130529:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:tp-link:tl-wr740n_firmware:3.16.4:130205:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:tp-link:tl-wr740n_firmware:3.17.0:140520:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:tp-link:tl-wr740n:4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9350"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gjoko Krstic",
"sources": [
{
"db": "BID",
"id": "71255"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-466"
}
],
"trust": 0.9
},
"cve": "CVE-2014-9350",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 5.0,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2014-9350",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-08509",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-77295",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-9350",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2014-08509",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201411-466",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "ZSL",
"id": "ZSL-2014-5210",
"trust": 0.1,
"value": "(2/5)"
},
{
"author": "VULHUB",
"id": "VHN-77295",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2014-5210"
},
{
"db": "CNVD",
"id": "CNVD-2014-08509"
},
{
"db": "VULHUB",
"id": "VHN-77295"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005843"
},
{
"db": "NVD",
"id": "CVE-2014-9350"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-466"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TP-Link TL-WR740N 4 with firmware 3.17.0 Build 140520, 3.16.6 Build 130529, and 3.16.4 Build 130205 allows remote attackers to cause a denial of service (httpd crash) via vectors involving a \"new\" value in the isNew parameter to PingIframeRpm.htm. Supplementary information : CWE Vulnerability type by CWE-19: Data Handling ( Data processing ) Has been identified. http://cwe.mitre.org/data/definitions/19.htmlService disruption by a third party (httpd crash ) There is a possibility of being put into a state. The TP-LINK TL-WR740N is a wireless router device. TP-Link TL-WR740N is prone to a denial-of-service vulnerability. The TL-WR740N is a combined wired/wireless network connection device integrated with internet-sharing router and 4-port switch. The wireless N Router is 802.11b\u0026amp;g compatible based on 802.11n technology and gives you 802.11n performance up to 150Mbps at an even more affordable price. Bordering on 11n and surpassing 11g speed enables high bandwidth consuming applications like video streaming to be more fluid.The TP-Link WR740N Wireless N Router network device is exposed to adenial of service vulnerability when processing a HTTP GET request. Thisissue occurs when the web server (httpd) fails to handle a HTTP GET requestover a given default TCP port 80. Resending the value \u0027new\u0027 to the \u0027isNew\u0027parameter in \u0027PingIframeRpm.htm\u0027 script to the router thru a proxy willcrash its httpd service denying the legitimate users access to the admincontrol panel management interface. To bring back the http srv and theadmin UI, a user must physically reboot the router.Tested on: Router Webserver. A security vulnerability exists in the PingIframeRpm.htm script of TP-LINK TL-WR740N. The following versions are affected: TP-LINK TL-WR740N version 4 using firmware versions 3.17.0 Build 140520, 3.16.6 Build 130529 and 3.16.4 Build 130205",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-9350"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005843"
},
{
"db": "CNVD",
"id": "CNVD-2014-08509"
},
{
"db": "BID",
"id": "77725"
},
{
"db": "BID",
"id": "71255"
},
{
"db": "ZSL",
"id": "ZSL-2014-5210"
},
{
"db": "VULHUB",
"id": "VHN-77295"
}
],
"trust": 2.88
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.zeroscience.mk/codes/tplink_mitmdos.txt",
"trust": 0.1,
"type": "poc"
},
{
"reference": "https://www.scap.org.cn/vuln/vhn-77295",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2014-5210"
},
{
"db": "VULHUB",
"id": "VHN-77295"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-9350",
"trust": 3.5
},
{
"db": "ZSL",
"id": "ZSL-2014-5210",
"trust": 3.2
},
{
"db": "EXPLOIT-DB",
"id": "35345",
"trust": 1.8
},
{
"db": "PACKETSTORM",
"id": "129227",
"trust": 1.8
},
{
"db": "OSVDB",
"id": "115017",
"trust": 1.8
},
{
"db": "BID",
"id": "71255",
"trust": 1.6
},
{
"db": "XF",
"id": "98927",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005843",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201411-466",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-08509",
"trust": 0.6
},
{
"db": "BID",
"id": "77725",
"trust": 0.4
},
{
"db": "CXSECURITY",
"id": "WLB-2014110153",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-77295",
"trust": 0.1
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2014-5210"
},
{
"db": "CNVD",
"id": "CNVD-2014-08509"
},
{
"db": "VULHUB",
"id": "VHN-77295"
},
{
"db": "BID",
"id": "77725"
},
{
"db": "BID",
"id": "71255"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005843"
},
{
"db": "NVD",
"id": "CVE-2014-9350"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-466"
}
]
},
"id": "VAR-201412-0139",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08509"
},
{
"db": "VULHUB",
"id": "VHN-77295"
}
],
"trust": 1.3956522
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08509"
}
]
},
"last_update_date": "2023-12-18T12:51:49.043000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "TL-WR740N",
"trust": 0.8,
"url": "http://www.tplink.com/au/products/details/?model=tl-wr740n"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-005843"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-19",
"trust": 1.1
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-77295"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005843"
},
{
"db": "NVD",
"id": "CVE-2014-9350"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.1,
"url": "http://www.zeroscience.mk/en/vulnerabilities/zsl-2014-5210.php"
},
{
"trust": 1.7,
"url": "http://www.exploit-db.com/exploits/35345"
},
{
"trust": 1.7,
"url": "http://packetstormsecurity.com/files/129227/tp-link-tl-wr740n-denial-of-service.html"
},
{
"trust": 1.7,
"url": "http://www.osvdb.org/115017"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/71255"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98927"
},
{
"trust": 1.0,
"url": "http://xforce.iss.net/xforce/xfdb/98927"
},
{
"trust": 0.9,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9350"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9350"
},
{
"trust": 0.3,
"url": "http://www.tp-link.com/en/"
},
{
"trust": 0.1,
"url": "http://cxsecurity.com/issue/wlb-2014110153"
},
{
"trust": 0.1,
"url": "http://www.exploit-db.com/exploits/35345/"
},
{
"trust": 0.1,
"url": "http://packetstormsecurity.com/files/129227"
},
{
"trust": 0.1,
"url": "http://osvdb.org/show/osvdb/115017"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9350"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2014-5210"
},
{
"db": "CNVD",
"id": "CNVD-2014-08509"
},
{
"db": "VULHUB",
"id": "VHN-77295"
},
{
"db": "BID",
"id": "77725"
},
{
"db": "BID",
"id": "71255"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005843"
},
{
"db": "NVD",
"id": "CVE-2014-9350"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-466"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZSL",
"id": "ZSL-2014-5210"
},
{
"db": "CNVD",
"id": "CNVD-2014-08509"
},
{
"db": "VULHUB",
"id": "VHN-77295"
},
{
"db": "BID",
"id": "77725"
},
{
"db": "BID",
"id": "71255"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005843"
},
{
"db": "NVD",
"id": "CVE-2014-9350"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-466"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-11-22T00:00:00",
"db": "ZSL",
"id": "ZSL-2014-5210"
},
{
"date": "2014-11-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-08509"
},
{
"date": "2014-12-08T00:00:00",
"db": "VULHUB",
"id": "VHN-77295"
},
{
"date": "2014-12-08T00:00:00",
"db": "BID",
"id": "77725"
},
{
"date": "2014-11-22T00:00:00",
"db": "BID",
"id": "71255"
},
{
"date": "2014-12-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005843"
},
{
"date": "2014-12-08T16:59:22.370000",
"db": "NVD",
"id": "CVE-2014-9350"
},
{
"date": "2014-11-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-466"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-12-09T00:00:00",
"db": "ZSL",
"id": "ZSL-2014-5210"
},
{
"date": "2014-11-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-08509"
},
{
"date": "2017-09-08T00:00:00",
"db": "VULHUB",
"id": "VHN-77295"
},
{
"date": "2014-12-08T00:00:00",
"db": "BID",
"id": "77725"
},
{
"date": "2014-11-22T00:00:00",
"db": "BID",
"id": "71255"
},
{
"date": "2014-12-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005843"
},
{
"date": "2017-09-08T01:29:33.827000",
"db": "NVD",
"id": "CVE-2014-9350"
},
{
"date": "2015-04-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-466"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "77725"
},
{
"db": "BID",
"id": "71255"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TP-Link TL-WR740N \u0027PingIframeRpm.htm\u0027 Denial of Service Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-08509"
},
{
"db": "BID",
"id": "71255"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "resource management error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201411-466"
}
],
"trust": 0.6
}
}
VAR-201303-0450
Vulnerability from variot - Updated: 2022-10-19 22:38The TP-LINK TL-WR740N is a wireless router device. A denial of service vulnerability exists in the TP-LINK TL-WR740N router. An attacker could exploit the vulnerability to cause the affected device to crash, resulting in a denial of service. TL-WR740N 3.16.4 Build 130205 Rel.63875n is vulnerable; other versions may also be affected. The TL-WR740N is a combined wired/wireless network connection device integrated with internet-sharing router and 4-port switch. The wireless N Router is 802.11b&g compatible based on 802.11n technology and gives you 802.11n performance up to 150Mbps at an even more affordable price. Bordering on 11n and surpassing 11g speed enables high bandwidth consuming applications like video streaming to be more fluid.The TP-Link WR740N Wireless N Router network device is exposed to a remote denial of service vulnerability when processing a HTTP request. This issue occurs when the web server (httpd) fails to handle a HTTP GET request over a given default TCP port 80. Sending a sequence of three dots (...) to the router will crash its httpd service denying the legitimate users access to the admin control panel management interface. To bring back the http srv and the admin UI, a user must physically reboot the router.Tested on: Router Webserver
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201303-0450",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tl-wr740n",
"scope": "eq",
"trust": 0.6,
"vendor": "tp link",
"version": "4.23"
},
{
"model": "tp-link tl-wr",
"scope": "eq",
"trust": 0.1,
"vendor": "tplink",
"version": "firmware version: 3.16.4 build 130205 rel.63875n (released: 2/5/2013)"
},
{
"model": "tp-link tl-wr",
"scope": "eq",
"trust": 0.1,
"vendor": "tplink",
"version": "hardware version: wr740n v4 00000000 (v4.23)"
},
{
"model": "tp-link tl-wr",
"scope": "eq",
"trust": 0.1,
"vendor": "tplink",
"version": "model no. tl-wr740n / tl-wr740nd"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2013-5135"
},
{
"db": "CNVD",
"id": "CNVD-2013-02042"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Gjoko Krstic",
"sources": [
{
"db": "BID",
"id": "58623"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-457"
}
],
"trust": 0.9
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-02042",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2013-02042",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "ZSL",
"id": "ZSL-2013-5135",
"trust": 0.1,
"value": "(2/5)"
}
]
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2013-5135"
},
{
"db": "CNVD",
"id": "CNVD-2013-02042"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The TP-LINK TL-WR740N is a wireless router device. A denial of service vulnerability exists in the TP-LINK TL-WR740N router. An attacker could exploit the vulnerability to cause the affected device to crash, resulting in a denial of service. \nTL-WR740N 3.16.4 Build 130205 Rel.63875n is vulnerable; other versions may also be affected. The TL-WR740N is a combined wired/wireless network connection device integrated with internet-sharing router and 4-port switch. The wireless N Router is 802.11b\u0026amp;g compatible based on 802.11n technology and gives you 802.11n performance up to 150Mbps at an even more affordable price. Bordering on 11n and surpassing 11g speed enables high bandwidth consuming applications like video streaming to be more fluid.The TP-Link WR740N Wireless N Router network device is exposed to a remote denial of service vulnerability when processing a HTTP request. This issue occurs when the web server (httpd) fails to handle a HTTP GET request over a given default TCP port 80. Sending a sequence of three dots (...) to the router will crash its httpd service denying the legitimate users access to the admin control panel management interface. To bring back the http srv and the admin UI, a user must physically reboot the router.Tested on: Router Webserver",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02042"
},
{
"db": "BID",
"id": "58623"
},
{
"db": "ZSL",
"id": "ZSL-2013-5135"
}
],
"trust": 0.9
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "http://www.tp-link.us/support/download/?model=tl-wr740n\u0026version=v4#tbl_j",
"trust": 0.1,
"type": "poc"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2013-5135"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "58623",
"trust": 1.6
},
{
"db": "CNVD",
"id": "CNVD-2013-02042",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201303-457",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "24866",
"trust": 0.1
},
{
"db": "XF",
"id": "82995",
"trust": 0.1
},
{
"db": "VULDB",
"id": "8076",
"trust": 0.1
},
{
"db": "SECUNIA",
"id": "52713",
"trust": 0.1
},
{
"db": "OSVDB",
"id": "91581",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "120893",
"trust": 0.1
},
{
"db": "CXSECURITY",
"id": "WLB-2013030181",
"trust": 0.1
},
{
"db": "ZSL",
"id": "ZSL-2013-5135",
"trust": 0.1
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2013-5135"
},
{
"db": "CNVD",
"id": "CNVD-2013-02042"
},
{
"db": "BID",
"id": "58623"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-457"
}
]
},
"id": "VAR-201303-0450",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02042"
}
],
"trust": 1.2956522000000001
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02042"
}
]
},
"last_update_date": "2022-10-19T22:38:17.593000Z",
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/58623"
},
{
"trust": 0.1,
"url": "http://packetstormsecurity.com/files/120893"
},
{
"trust": 0.1,
"url": "http://cxsecurity.com/issue/wlb-2013030181"
},
{
"trust": 0.1,
"url": "http://www.exploit-db.com/exploits/24866/"
},
{
"trust": 0.1,
"url": "http://1337day.com/exploit/20540"
},
{
"trust": 0.1,
"url": "http://www.osvdb.org/show/osvdb/91581"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/52713/"
},
{
"trust": 0.1,
"url": "http://xforce.iss.net/xforce/xfdb/82995"
},
{
"trust": 0.1,
"url": "http://www.tp-link.us/support/download/?model=tl-wr740n\u0026amp;version=v4"
},
{
"trust": 0.1,
"url": "http://www.scip.ch/en/?vuldb.8076"
}
],
"sources": [
{
"db": "ZSL",
"id": "ZSL-2013-5135"
},
{
"db": "CNVD",
"id": "CNVD-2013-02042"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-457"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZSL",
"id": "ZSL-2013-5135"
},
{
"db": "CNVD",
"id": "CNVD-2013-02042"
},
{
"db": "BID",
"id": "58623"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-457"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-03-21T00:00:00",
"db": "ZSL",
"id": "ZSL-2013-5135"
},
{
"date": "2013-03-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02042"
},
{
"date": "2013-03-21T00:00:00",
"db": "BID",
"id": "58623"
},
{
"date": "2013-03-22T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-457"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-05-27T00:00:00",
"db": "ZSL",
"id": "ZSL-2013-5135"
},
{
"date": "2013-03-25T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-02042"
},
{
"date": "2013-03-21T00:00:00",
"db": "BID",
"id": "58623"
},
{
"date": "2013-03-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201303-457"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201303-457"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TP-LINK TL-WR740N Router Denial of Service Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-02042"
},
{
"db": "BID",
"id": "58623"
},
{
"db": "CNNVD",
"id": "CNNVD-201303-457"
}
],
"trust": 1.5
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "58623"
}
],
"trust": 0.3
}
}
VAR-202106-2046
Vulnerability from variot - Updated: 2022-05-04 09:27Archer C9 is a wireless router product.
TP-LINK Archer C9 has a weak password vulnerability. Attackers can use vulnerabilities to log in to the background of the system to obtain sensitive information.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202106-2046",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tp-link archer c9",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-32421"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2021-32421",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:S/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2021-32421",
"trust": 0.6,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-32421"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Archer C9 is a wireless router product.\n\r\n\r\nTP-LINK Archer C9 has a weak password vulnerability. Attackers can use vulnerabilities to log in to the background of the system to obtain sensitive information.",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-32421"
}
],
"trust": 0.6
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-32421",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-32421"
}
]
},
"id": "VAR-202106-2046",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-32421"
}
],
"trust": 1.2
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-32421"
}
]
},
"last_update_date": "2022-05-04T09:27:41.689000Z",
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-32421"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-06-07T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-32421"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-05-03T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-32421"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TP-LINK Archer C9 has weak password vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-32421"
}
],
"trust": 0.6
}
}
VAR-201805-1239
Vulnerability from variot - Updated: 2022-05-04 09:10Tplink ER5110G, Tplink ER5120G and Tplink WAR1300L are enterprise VPN routers and enterprise wireless VPN routers of Pulian Technology Co., Ltd.
Command execution vulnerability exists in multiple TP-Link enterprise routers. An attacker could use the vulnerability to elevate from administrator privileges to root privileges.
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201805-1239",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "er5110g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er5120g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er5510g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er5520g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er6110g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er6120g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er6510g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er6520g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er7520g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r4149g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r4239g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r4299g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r473",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r473g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r473g-ac",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r473gp-ac",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r478g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r478g",
"scope": "eq",
"trust": 0.6,
"vendor": "tplink",
"version": "+"
},
{
"model": "r483",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r488",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "war1300l",
"scope": null,
"trust": 0.6,
"vendor": "tuplink",
"version": null
},
{
"model": "war1750l",
"scope": null,
"trust": 0.6,
"vendor": "tuplink",
"version": null
},
{
"model": "war2600l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "war302",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "war450",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "war450l",
"scope": null,
"trust": 0.6,
"vendor": "tuplink",
"version": null
},
{
"model": "war458",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "war458l",
"scope": null,
"trust": 0.6,
"vendor": "tuplink",
"version": null
},
{
"model": "war900l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr1300l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr1750l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr2600l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr300",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr302",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr4300l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr450",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr450l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr458l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr900g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr900l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08170"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 2.5,
"id": "CNVD-2018-08170",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2018-08170",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08170"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tplink ER5110G, Tplink ER5120G and Tplink WAR1300L are enterprise VPN routers and enterprise wireless VPN routers of Pulian Technology Co., Ltd.\n\nCommand execution vulnerability exists in multiple TP-Link enterprise routers. An attacker could use the vulnerability to elevate from administrator privileges to root privileges.",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08170"
}
],
"trust": 0.6
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-08170",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08170"
}
]
},
"id": "VAR-201805-1239",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08170"
}
],
"trust": 1.2790135025641023
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08170"
}
]
},
"last_update_date": "2022-05-04T09:10:50.966000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Command execution vulnerability in TP-Link enterprise router",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/125493"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08170"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-08170"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-05-26T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08170"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08170"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Command execution vulnerability in TP-Link multiple enterprise routers",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08170"
}
],
"trust": 0.6
}
}
VAR-201806-1888
Vulnerability from variot - Updated: 2022-05-04 09:03Tplink ER5110G, Tplink ER5120G and Tplink WAR1300L are all enterprise VPN routers and enterprise wireless VPN routers.
A code execution vulnerability exists in the TP-Link enterprise router. An attacker can use the vulnerability to obtain the administrator username and password of the router, or hijack a session (get session stok).
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201806-1888",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "er5110g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er5120g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er5510g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er5520g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er6110g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er6120g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er6510g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er6520g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er7520g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r4149g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r4239g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r4299g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r473",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r473g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r473g-ac",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r473gp-ac",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r478g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r478g",
"scope": "eq",
"trust": 0.6,
"vendor": "tplink",
"version": "+"
},
{
"model": "r483",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r488",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "war1300l",
"scope": null,
"trust": 0.6,
"vendor": "tuplink",
"version": null
},
{
"model": "war1750l",
"scope": null,
"trust": 0.6,
"vendor": "tuplink",
"version": null
},
{
"model": "war2600l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "war302",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "war450",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "war450l",
"scope": null,
"trust": 0.6,
"vendor": "tuplink",
"version": null
},
{
"model": "war458",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "war458l",
"scope": null,
"trust": 0.6,
"vendor": "tuplink",
"version": null
},
{
"model": "war900l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr1300l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr1750l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr2600l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr300",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr302",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr4300l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr450",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr450l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr458l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr900g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr900l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08409"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 2.5,
"id": "CNVD-2018-08409",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2018-08409",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08409"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tplink ER5110G, Tplink ER5120G and Tplink WAR1300L are all enterprise VPN routers and enterprise wireless VPN routers.\n\nA code execution vulnerability exists in the TP-Link enterprise router. An attacker can use the vulnerability to obtain the administrator username and password of the router, or hijack a session (get session stok).",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08409"
}
],
"trust": 0.6
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-08409",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08409"
}
]
},
"id": "VAR-201806-1888",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08409"
}
],
"trust": 1.2790135025641023
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08409"
}
]
},
"last_update_date": "2022-05-04T09:03:58.515000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Code Execution Vulnerability in TP-Link Enterprise Router (CNVD-2018-08409)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/125963"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08409"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-08409"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08409"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08409"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code execution vulnerability in TP-Link enterprise router",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08409"
}
],
"trust": 0.6
}
}
VAR-201806-1890
Vulnerability from variot - Updated: 2022-05-04 09:03Tplink ER5110G, Tplink ER5120G and Tplink WAR1300L are all enterprise VPN routers and enterprise wireless VPN routers.
A code execution vulnerability exists in the TP-Link enterprise router. An attacker can use the vulnerability to obtain the administrator username and password of the router, or hijack a session (get session stok).
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201806-1890",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "er5110g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er5120g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er5510g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er5520g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er6110g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er6120g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er6510g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er6520g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "er7520g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r4149g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r4239g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r4299g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r473",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r473g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r473g-ac",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r473gp-ac",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r478g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r478g",
"scope": "eq",
"trust": 0.6,
"vendor": "tplink",
"version": "+"
},
{
"model": "r483",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "r488",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "war1300l",
"scope": null,
"trust": 0.6,
"vendor": "tuplink",
"version": null
},
{
"model": "war1750l",
"scope": null,
"trust": 0.6,
"vendor": "tuplink",
"version": null
},
{
"model": "war2600l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "war302",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "war450",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "war450l",
"scope": null,
"trust": 0.6,
"vendor": "tuplink",
"version": null
},
{
"model": "war458",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "war458l",
"scope": null,
"trust": 0.6,
"vendor": "tuplink",
"version": null
},
{
"model": "war900l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr1300l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr1750l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr2600l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr300",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr302",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr4300l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr450",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr450l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr458l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr900g",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
},
{
"model": "wvr900l",
"scope": null,
"trust": 0.6,
"vendor": "tplink",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08408"
}
]
},
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "HIGH",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 6.5,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 2.5,
"id": "CNVD-2018-08408",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:A/AC:H/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "CNVD",
"id": "CNVD-2018-08408",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08408"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Tplink ER5110G, Tplink ER5120G and Tplink WAR1300L are all enterprise VPN routers and enterprise wireless VPN routers.\n\nA code execution vulnerability exists in the TP-Link enterprise router. An attacker can use the vulnerability to obtain the administrator username and password of the router, or hijack a session (get session stok).",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08408"
}
],
"trust": 0.6
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-08408",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08408"
}
]
},
"id": "VAR-201806-1890",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08408"
}
],
"trust": 1.2790135025641023
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08408"
}
]
},
"last_update_date": "2022-05-04T09:03:58.503000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Code Execution Vulnerability in TP-Link Enterprise Router (CNVD-2018-08408)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/125961"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08408"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2018-08408"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-06-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08408"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-04-27T00:00:00",
"db": "CNVD",
"id": "CNVD-2018-08408"
}
]
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Code Execution Vulnerability in TP-Link Enterprise Router (CNVD-2018-08408)",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2018-08408"
}
],
"trust": 0.6
}
}