Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
7.8
CVSSv2

CVE-2015-3035

Published: 22/04/2015 Updated: 09/10/2018
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
VMScore: 695
Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Summary

Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware prior to 150317, C7 (2.0) with firmware prior to 150304, and C8 (1.0) with firmware prior to 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware prior to 150302, TL-WR740N (5.0) and TL-WR741ND (5.0) with firmware prior to 150312, and TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), and TL-WR841ND (10.0) with firmware prior to 150310 allows remote malicious users to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.

Vulnerable Product Search on Vulmon Subscribe to Product

tp-link tl-wr841n (9.0) firmware

tp-link tl-wr740n (5.0) firmware

tp-link archer c5 (1.2) firmware

tp-link tl-wr841n (10.0) firmware

tp-link tl-wr741nd (5.0) firmware

tp-link tl-wr741nd (5.0)

tp-link tl-wdr3600 (1.0) firmware

tp-link archer c7 (2.0) firmware

tp-link tl-wr841nd (10.0) firmware 150104

tp-link archer c9 (1.0) firmware

tp-link tl-wr841nd (9.0) firmware

tp-link archer c8 (1.0) firmware

tp-link tl-wdr4300 (1.0) firmware

tp-link tl-wdr3500 (1.0) firmware

Exploits

Exploit DB: TP-LINK Local File Disclosure
Multiple TP-LINK products suffer from a local file disclosure vulnerability ...

References

CWE-22https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150410-0_TP-Link_Unauthenticated_local_file_disclosure_vulnerability_v10.txthttp://www.tp-link.com/en/download/TL-WDR3600_V1.html#Firmwarehttp://seclists.org/fulldisclosure/2015/Apr/26http://www.tp-link.com/en/download/TL-WDR4300_V1.html#Firmwarehttp://packetstormsecurity.com/files/131378/TP-LINK-Local-File-Disclosure.htmlhttp://www.tp-link.com/en/download/Archer-C9_V1.html#Firmwarehttp://www.tp-link.com/en/download/TL-WDR3500_V1.html#Firmwarehttp://www.tp-link.com/en/download/TL-WR841N_V9.html#Firmwarehttp://www.tp-link.com/en/download/Archer-C8_V1.html#Firmwarehttp://www.tp-link.com/en/download/TL-WR741ND_V5.html#Firmwarehttp://www.tp-link.com/en/download/TL-WR740N_V5.html#Firmwarehttp://www.tp-link.com/en/download/Archer-C5_V1.20.html#Firmwarehttp://www.tp-link.com/en/download/TL-WR841ND_V9.html#Firmwarehttp://www.tp-link.com/en/download/Archer-C7_V2.html#Firmwarehttp://www.securityfocus.com/bid/74050http://www.securityfocus.com/archive/1/535240/100/0/threadedhttps://nvd.nist.govhttps://packetstormsecurity.com/files/131378/TP-LINK-Local-File-Disclosure.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044client sideCVE-2021-47601deserializationCVE-2024-34994encryptionCVE-2021-47609CVE-2024-37079CVE-2024-38608
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook