Skip to main content

Tl Wr841n Firmware CVE-2012-6276

MEDIUM
Path Traversal (CWE-22)
2013-01-26 cret@cert.org
4.3
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
4.3 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:M/Au:N/C:P/I:N/A:N
Attack Vector
Network
Attack Complexity
M
Confidentiality
P
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Jan 26, 2013 - 21:55 cve.org
MEDIUM 4.3

DescriptionCVE.org

Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via the URL parameter.

AnalysisAI

Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Path Traversal (CWE-22), which allows attackers to access files and directories outside the intended path. Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via the URL parameter. Affected products include: Tp-Link Tl-Wr841N Firmware, Tp-Link Tl-Wr841N.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate and canonicalize file paths. Use chroot or sandboxing. Reject input containing path separators or '../' sequences.

CVE-2012-5687 HIGH POC
7.8 Nov 01

Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13

CVE-2022-25073 CRITICAL POC
9.8 Feb 24

TL-WR841Nv14_US_0.9.1_4.18 routers were discovered to contain a stack overflow in the function dm_fillObjByStr(). Rated

CVE-2018-11714 CRITICAL POC
9.8 Jun 04

An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00

CVE-2023-33538 HIGH POC
8.8 Jun 07

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerabili

CVE-2023-33537 HIGH POC
8.1 Jun 07

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the compo

CVE-2023-33536 HIGH POC
8.1 Jun 07

TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the compo

CVE-2023-36358 HIGH POC
7.7 Jun 22

TP-Link TL-WR940N V2/V3/V4, TL-WR941ND V5/V6, TL-WR743ND V1 and TL-WR841N V8 were discovered to contain a buffer overflo

CVE-2023-36357 HIGH POC
7.7 Jun 22

An issue in the /userRpm/LocalManageControlRpm component of TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8/V10, and TL-WR941ND

CVE-2023-36356 HIGH POC
7.7 Jun 22

TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8, TL-WR941ND V5, and TL-WR740N V1/V2 were discovered to contain a buffer read ou

CVE-2023-36359 HIGH POC
7.5 Jun 22

TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR940N V2/V3 and TL-WR941ND V5/V6 were discovered to contain a buffer overflo

CVE-2023-36354 HIGH POC
7.5 Jun 22

TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR740N V1/V2, TL-WR940N V2/V3, and TL-WR941ND V5/V6 were discovered to contai

CVE-2020-8423 HIGH POC
7.2 Apr 02

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated

Share

CVE-2012-6276 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy