Skip to main content

W15e Firmware CVE-2017-14514

HIGH
Path Traversal (CWE-22)
2017-09-17 cve@mitre.org
7.5
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Sep 17, 2017 - 22:29 cve.org
HIGH 7.5

DescriptionCVE.org

Directory Traversal on Tenda W15E devices before 15.11.0.14 allows remote attackers to read unencrypted files via a crafted URL.

AnalysisAI

Directory Traversal on Tenda W15E devices before 15.11.0.14 allows remote attackers to read unencrypted files via a crafted URL. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Path Traversal (CWE-22), which allows attackers to access files and directories outside the intended path. Directory Traversal on Tenda W15E devices before 15.11.0.14 allows remote attackers to read unencrypted files via a crafted URL. Affected products include: Tenda W15E Firmware. Version information: before 15.11.0.14.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate and canonicalize file paths. Use chroot or sandboxing. Reject input containing path separators or '../' sequences.

CVE-2023-27063 CRITICAL POC
9.8 Mar 13

Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the DNSDomainNam

CVE-2023-27061 CRITICAL POC
9.8 Mar 13

Tenda V15V1.0 V15.11.0.14(1521_3190_1058) was discovered to contain a buffer overflow vulnerability via the wifiFilterLi

CVE-2022-42058 CRITICAL POC
9.8 Nov 15

Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a stack overflow via the setRemoteWebManage

CVE-2024-4127 HIGH POC
8.8 Apr 24

A vulnerability was found in Tenda W15E 15.11.0.14. Rated high severity (CVSS 8.8), this vulnerability is remotely explo

CVE-2024-4126 HIGH POC
8.8 Apr 24

A vulnerability was found in Tenda W15E 15.11.0.14 and classified as critical. Rated high severity (CVSS 8.8), this vuln

CVE-2024-4125 HIGH POC
8.8 Apr 24

A vulnerability has been found in Tenda W15E 15.11.0.14 and classified as critical. Rated high severity (CVSS 8.8), this

CVE-2024-4124 HIGH POC
8.8 Apr 24

A vulnerability, which was classified as critical, was found in Tenda W15E 15.11.0.14. Rated high severity (CVSS 8.8), t

CVE-2024-4123 HIGH POC
8.8 Apr 24

A vulnerability, which was classified as critical, has been found in Tenda W15E 15.11.0.14. Rated high severity (CVSS 8.

CVE-2024-4122 HIGH POC
8.8 Apr 24

A vulnerability classified as critical was found in Tenda W15E 15.11.0.14. Rated high severity (CVSS 8.8), this vulnerab

CVE-2024-4121 HIGH POC
8.8 Apr 24

A vulnerability classified as critical has been found in Tenda W15E 15.11.0.14. Rated high severity (CVSS 8.8), this vul

CVE-2024-4120 HIGH POC
8.8 Apr 24

A vulnerability was found in Tenda W15E 15.11.0.14. Rated high severity (CVSS 8.8), this vulnerability is remotely explo

CVE-2024-4119 HIGH POC
8.8 Apr 24

A vulnerability was found in Tenda W15E 15.11.0.14. Rated high severity (CVSS 8.8), this vulnerability is remotely explo

Share

CVE-2017-14514 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy