Directory Traversal Vulnerability in TP-LINK TL-WR841N Router Web Management
CVE-2012-5687

Currently unrated

Key Information:

Vendor: Tp-link
Status: Tl-wr841n; Tl-wr841n Firmware
Vendor: CVE Published:; 1 November 2012

Summary

A directory traversal vulnerability exists in the web-based management interface of the TP-LINK TL-WR841N router. This flaw allows remote attackers to access sensitive files on the device by exploiting the improper handling of path information in the URI. By using special character sequences, such as '..', an attacker can bypass security restrictions and read arbitrary files, potentially exposing critical information.

References

http://packetstormsecurity.org/files/117749/TP-LINK-TL-WR...

x_refsource_MISC

http://archives.neohapsis.com/archives/bugtraq/2012-10/01...

mailing-listx_refsource_BUGTRAQ

https://exchange.xforce.ibmcloud.com/vulnerabilities/79662

vdb-entryx_refsource_XF

EPSS Score

67% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 1, 2012
Vulnerability Reserved
Oct 29, 2012