Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title TP-LINK TL-WR841N wireless router local file inclusion vulnerability
Informations
Name VU#185100 First vendor Publication 2013-01-11
Vendor VU-CERT Last vendor Modification 2013-01-11
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Cvss Base Score 4.3 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#185100

TP-LINK TL-WR841N wireless router local file inclusion vulnerability

Original Release date: 11 Jan 2013 | Last revised: 11 Jan 2013

Overview

The TP-LINK TL-WR841N wireless router contains a local file inclusion vulnerability which could allow an attacker to download critical configuration files off the device.

Description

CWE-829: Inclusion of Functionality from Untrusted Control Sphere

The TP-LINK TL-WR841N wireless router web-based management interface contains a local file inclusion (LFI) vulnerability. The URL parameter is not properly sanitized before being parsed. It has been reported that TP-LINK TL-WR841N wireless router running firmware version: 3.13.9 Build 120201 Rel.54965n and below are affected.

Impact

An attacker with access to the TP-LINK TL-WR841N web interface could download critical configuration files off the device.

Solution

We are currently unaware of a practical solution to this problem.

Restrict access

As a general good security practice, only allow connections from trusted hosts and networks. Note that restricting access does not prevent local file inclusion attacks since the attack comes as an HTTP request from a legitimate user's host. Restricting access would prevent an attacker from accessing the TP-LINK TL-WR841N web interface using stolen credentials from a blocked network location.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
TP-LinkAffected-07 Jan 2013
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

GroupScoreVector
Base4.3AV:N/AC:M/Au:N/C:P/I:N/A:N
Temporal3.1E:U/RL:W/RC:UC
Environmental0.9CDP:L/TD:L/CR:ND/IR:ND/AR:ND

References

  • http://www.tp-link.com/en/products/details/?model=TL-WR841N
  • http://cwe.mitre.org/data/definitions/829.html

Credit

Thanks to Matan Azugi for reporting this vulnerability.

This document was written by Michael Orlando.

Other Information

  • CVE IDs:CVE-2012-6276
  • Date Public:11 Jan 2013
  • Date First Published:11 Jan 2013
  • Date Last Updated:11 Jan 2013
  • Document Revision:7

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.

Original Source

Url : http://www.kb.cert.org/vuls/id/185100

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Hardware 1
Os 1

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2013-01-28 21:19:43
  • Multiple Updates
2013-01-27 13:20:34
  • Multiple Updates
2013-01-11 21:22:31
  • Multiple Updates
2013-01-11 17:18:42
  • First insertion