Domain Control Loss in TP-LINK Products Impacting User Access
CVE-2016-1000009

7.5HIGH

Key Information:

Vendor

Tp-link
Status
Tp-link
Vendor
CVE Published:
6 October 2016

What is CVE-2016-1000009?

TP-LINK faced a significant security issue when control of two essential domains, www.tplinklogin.net and tplinkextender.net, was lost. These domains are prominently printed on many TP-LINK devices, creating potential risks for users attempting to access their device interfaces. This incident raises concerns about device security and user protection, emphasizing the importance of monitoring domain registrations and associated risks in networked devices.

References

https://pbs.twimg.com/media/CmnQ3F0WIAAs_X0.jpg
x_refsource_MISC
https://pbs.twimg.com/media/CmnQGI0WAAIbPHA.jpg
x_refsource_MISC
http://seclists.org/bugtraq/2016/Jul/3
mailing-listx_refsource_BUGTRAQ

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.