ID
VAR-E-201311-0483
TITLE
TP-LINK TL-WR740N/TL-WR740ND 'WlanSecurityRpm.htm' Cross Site Request Forgery Vulnerability
Trust: 0.3
DESCRIPTION
TPLINK TL-WR740N/TL-WR740ND are prone to a cross-site request-forgery vulnerability because it fails to properly validate HTTP requests.
Exploiting this issue may allow a remote attacker to perform certain unauthorized administrative actions. Other attacks are also possible.
TP-Link TL-WR740N/TL-WR740ND running firmware 3.16.6 Build 130529 are vulnerable; other versions may also be affected.
Trust: 0.3
AFFECTED PRODUCTS
| vendor: | tp link | model: | tl-wr740nd build | scope: | eq | version: | 3.16.6130529 | Trust: 0.3 |
| vendor: | tp link | model: | tl-wr740n build | scope: | eq | version: | 3.16.6130529 | Trust: 0.3 |
EXPLOIT
To exploit this issue an attacker must entice a user into visiting a malicious site.
The following example data is available:
Bullet list:
<li><a href="/data/vulnerabilities/exploits/63906.htm.txt">/data/vulnerabilities/exploits/63906.htm.txt</a></li>
Trust: 0.3
PRICE
Free
Trust: 0.3
TYPE
Input Validation Error
Trust: 0.3
CREDITS
SaMaN
Trust: 0.3
EXTERNAL IDS
| db: | BID | id: | 63906 | Trust: 0.3 |
REFERENCES
| url: | http://www.tp-link.com/en/ | Trust: 0.3 |
SOURCES
| db: | BID | id: | 63906 |
LAST UPDATE DATE
2022-07-27T09:30:10.065000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 63906 | date: | 2013-11-24T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 63906 | date: | 2013-11-24T00:00:00 |