Symlink Traversal Vulnerability in TP-LINK Routers
CVE-2013-4654

9.8CRITICAL

Key Information:

Vendor

Tp-link
Status
Tl-wdr4300 Firmware
Vendor
CVE Published:
13 November 2019

What is CVE-2013-4654?

A symlink traversal vulnerability in TP-LINK TL-WDR4300 and TL-1043ND allows attackers to potentially gain access to unauthorized files and directories in the system. By exploiting this vulnerability, a malicious user could manipulate symbolic links to access sensitive data, which could jeopardize the security of the network. This vulnerability highlights the importance of securing router settings and keeping firmware updated to protect against potential attacks.

References

https://www.ise.io/casestudies/exploiting-soho-routers/
x_refsource_MISC
https://www.ise.io/soho_service_hacks/
x_refsource_MISC
https://www.ise.io/wp-content/uploads/2017/07/soho_techre...
x_refsource_MISC

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.