Sign-up

ID

VAR-201302-0516


TITLE

TP-Link TL-WA701N/TL-WA701ND Directory Traversal Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2013-01109

DESCRIPTION

The TP-Link TL-WA701N/TL-WA701ND is a wireless router device. The TP-Link TL-WA701N/TL-WA701ND has a directory traversal vulnerability. An attacker can send a specially crafted URL request containing a \"dot\" sequence (/.. /) to view any file on the system. The TP-Link TL-WA701N/TL-WA701ND has an HTML injection vulnerability that allows an attacker to exploit and exploit malicious script code. TL-WA701N and TL-WA701ND are prone to a directory traversal vulnerability and multiple HTML-injection vulnerabilities because it fails to properly sanitize user-supplied input. This may let the attacker steal cookie-based authentication credentials or control how the site is rendered to the user

Trust: 1.35

sources: CNVD: CNVD-2013-01109 // CNVD: CNVD-2013-01110 // BID: 57969

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 1.2

sources: CNVD: CNVD-2013-01109 // CNVD: CNVD-2013-01110

AFFECTED PRODUCTS

vendor:tp linkmodel:tl-wa701n/tl-wa701ndscope: - version: -

Trust: 1.2

sources: CNVD: CNVD-2013-01109 // CNVD: CNVD-2013-01110

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201302-394

TYPE

Input Validation Error

Trust: 0.3

sources: BID: 57969

EXTERNAL IDS

db:BIDid:57969

Trust: 2.1

db:CNVDid:CNVD-2013-01109

Trust: 0.6

db:CNVDid:CNVD-2013-01110

Trust: 0.6

db:CNNVDid:CNNVD-201302-394

Trust: 0.6

sources: CNVD: CNVD-2013-01109 // CNVD: CNVD-2013-01110 // BID: 57969 // CNNVD: CNNVD-201302-394

REFERENCES

url:http://www.s3cur1ty.de/node/682

Trust: 1.2

url:http://www.securityfocus.com/bid/57969

Trust: 0.6

url:http://www.s3cur1ty.de/m1adv2013-011

Trust: 0.3

url:http://www.tp-link.com/en/

Trust: 0.3

sources: CNVD: CNVD-2013-01109 // CNVD: CNVD-2013-01110 // BID: 57969 // CNNVD: CNNVD-201302-394

CREDITS

Michael Messner

Trust: 0.9

sources: BID: 57969 // CNNVD: CNNVD-201302-394

SOURCES

db:CNVDid:CNVD-2013-01109
db:CNVDid:CNVD-2013-01110
db:BIDid:57969
db:CNNVDid:CNNVD-201302-394

LAST UPDATE DATE

2022-05-17T02:03:24.090000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2013-01109date:2013-02-20T00:00:00
db:CNVDid:CNVD-2013-01110date:2013-02-20T00:00:00
db:BIDid:57969date:2013-02-15T00:00:00
db:CNNVDid:CNNVD-201302-394date:2013-02-25T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2013-01109date:2013-02-20T00:00:00
db:CNVDid:CNVD-2013-01110date:2013-02-20T00:00:00
db:BIDid:57969date:2013-02-15T00:00:00
db:CNNVDid:CNNVD-201302-394date:2013-02-25T00:00:00