Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware prior to 150317, C7 (2.0) with firmware prior to 150304, and C8 (1.0) with firmware prior to 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware prior to 150302, TL-WR740N (5.0) and TL-WR741ND (5.0) with firmware prior to 150312, and TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), and TL-WR841ND (10.0) with firmware prior to 150310 allows remote malicious users to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tp-link tl-wr841n_\\(9.0\\)_firmware |
||
tp-link tl-wr740n_\\(5.0\\)_firmware |
||
tp-link archer_c5_\\(1.2\\)_firmware |
||
tp-link tl-wr841n_\\(10.0\\)_firmware |
||
tp-link tl-wr741nd_\\(5.0\\)_firmware |
||
tp-link tl-wr741nd_\\(5.0\\) |
||
tp-link tl-wdr3600_\\(1.0\\)_firmware |
||
tp-link archer_c7_\\(2.0\\)_firmware |
||
tp-link tl-wr841nd_\\(10.0\\)_firmware 150104 |
||
tp-link archer_c9_\\(1.0\\)_firmware |
||
tp-link tl-wr841nd_\\(9.0\\)_firmware |
||
tp-link archer_c8_\\(1.0\\)_firmware |
||
tp-link tl-wdr4300_\\(1.0\\)_firmware |
||
tp-link tl-wdr3500_\\(1.0\\)_firmware |