ID
VAR-E-201905-0230
CVE
| cve_id: | CVE-2019-12195 | Trust: 1.5 |
EDB ID
46882
TITLE
TP-LINK TL-WR840N v5 00000005 - Cross-Site Scripting - Hardware webapps Exploit
Trust: 0.6
DESCRIPTION
TP-LINK TL-WR840N v5 00000005 - Cross-Site Scripting. CVE-2019-12195 . webapps exploit for Hardware platform
Trust: 0.6
AFFECTED PRODUCTS
| vendor: | tp link | model: | tl-wr840n | scope: | eq | version: | v500000005 | Trust: 1.6 |
| vendor: | tp link | model: | tl-wr840n | scope: | - | version: | - | Trust: 0.5 |
EXPLOIT
# Exploit Title: TL-WR840N v5 00000005
# Date: 5/10/2019
# Exploit Author: purnendu ghosh
# Vendor Homepage: https://www.tp-link.com/
# Software Link: https://www.amazon.in/TP-LINK-TL-WR840N-300Mbps-Wireless-External/dp/B01A0G1J7Q
# Category: Hardware
# Firmware Version:0.9.1 3.16 v0001.0 Build 171211 Rel.58800n
# Hardware Version:TL-WR840N v5 00000005
# Tested on: Windows 10
# CVE :CVE-2019-12195.
# Proof Of Concept:
TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name. The attacker must
log into the router by breaking the password and going to the admin
login page by THC-HYDRA to get the network name. With an XSS payload,
the network name changed automatically and the internet connection was
disconnected. All the users become disconnected from
the internet.
------------------------------------------
[Additional Information]
To ensure your network to be safe from Renaming and internet disconnection.
------------------------------------------
[Vulnerability Type]
Cross Site Scripting (XSS)
------------------------------------------
[Vendor of Product]
tp-link
------------------------------------------
[Affected Product Code Base]
router - TL-WR840N v5 00000005
------------------------------------------
[Affected Component]
Wi-Fi network configured through the router
------------------------------------------
[Attack Type]
Remote
------------------------------------------
[Impact Denial of Service]
true
------------------------------------------
[Impact Information Disclosure]
true
------------------------------------------
[Attack Vectors]
Logged in to the router by breaking the password and goes to the admin
login page by THC-HYDRA and got the network name. Using Burp Suite
professional version 1.7.32 captured the network name and selected XSS
payload against the name and started attacking .as a result the
network name changed automatically and internet connection was
disconnected in the network. All the users become disconnected from
internet.
------------------------------------------
[Discoverer]
purnendu ghosh
[Reference]
https://www.tp-link.com/us/security
Trust: 1.0
EXPLOIT LANGUAGE
txt
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
Cross-Site Scripting
Trust: 1.6
TAGS
| tag: | Cross-Site Scripting (XSS) | Trust: 1.0 |
| tag: | exploit | Trust: 0.5 |
| tag: | xss | Trust: 0.5 |
CREDITS
purnendu ghosh
Trust: 0.6
EXTERNAL IDS
| db: | EXPLOIT-DB | id: | 46882 | Trust: 1.6 |
| db: | NVD | id: | CVE-2019-12195 | Trust: 1.5 |
| db: | EDBNET | id: | 101502 | Trust: 0.6 |
| db: | PACKETSTORM | id: | 153027 | Trust: 0.5 |
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2019-12195 | Trust: 1.5 |
| url: | https://www.exploit-db.com/exploits/46882/ | Trust: 0.6 |
SOURCES
| db: | PACKETSTORM | id: | 153027 |
| db: | EXPLOIT-DB | id: | 46882 |
| db: | EDBNET | id: | 101502 |
LAST UPDATE DATE
2022-07-27T09:18:11.935000+00:00
SOURCES RELEASE DATE
| db: | PACKETSTORM | id: | 153027 | date: | 2019-05-21T18:22:22 |
| db: | EXPLOIT-DB | id: | 46882 | date: | 2019-05-21T00:00:00 |
| db: | EDBNET | id: | 101502 | date: | 2019-05-21T00:00:00 |