Sign-up

ID

VAR-201501-0652


CVE

CVE-2014-9510


TITLE

TP-Link TL-WR840N Cross-site request forgery vulnerability in router firmware

Trust: 0.8

sources: JVNDB: JVNDB-2014-007578

DESCRIPTION

Cross-site request forgery (CSRF) vulnerability in the administration console in TP-Link TL-WR840N (V1) router with firmware before 3.13.27 build 141120 allows remote attackers to hijack the authentication of administrators for requests that change router settings via a configuration file import. The TP-Link TL-WR840N is a wireless router device. An attacker could exploit this vulnerability to perform certain unauthorized actions. Other attacks are also possible. TP-Link TL-WR840N Router running firmware 3.13.27 Build 140714 and prior are vulnerable. Classification: //Dell SecureWorks/Confidential - Limited External Distribution: ############################################################################ # * Title: TP-Link TL-WR840N Configuration Import Cross-Site Request Forgery (CSRF) # * Advisory ID: SWRX-2015-001 # * Advisory URL: http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2015-00 1/ # * Date published: Wednesday, January 7, 2015 # * CVE: CVE-2014-9510 # * CVSS v2 base score: 9.3 # * Date of last update: Wednesday, January 7, 2015 # * Vendors contacted: TP-Link # * Release mode: Coordinated # * Discovered by: Sean Wright, Dell SecureWorks ############################################################################ Summary: TP-Link is a primary provider of networking equipment and wireless products for small and home offices as well as for small to midsized businesses. TL-WR840N is a combination wired/wireless router specifically targeted to small business and home office networking environments. An attack could alter any configuration setting on the device. ---------------------------------------------------------------------------- Vendor information, solutions, and workarounds: TL-WR840N users should upgrade the router's firmware to 3.13.27, build 141120 or later. ---------------------------------------------------------------------------- Details: The TP-Link TL-WR840N router provides a web administration console that enables the device owner to change the router's configuration. The administration console includes an option to import an existing configuration from a binary file, but this feature is vulnerable to CSRF attacks. A threat actor could use social engineering to trick a victim into visiting a malicious web page that exploits the CSRF vulnerability and imports a malicious configuration file via the router's web administration console. The attacker could change any settings on the router, including the firewall settings and the router's remote administration capabilities. If the device owner has not changed the default username and password, then the attack would not require the victim to log into the router's web administration console. ----------------------------------------------------------------------------

Trust: 2.61

sources: NVD: CVE-2014-9510 // JVNDB: JVNDB-2014-007578 // CNVD: CNVD-2015-00188 // BID: 71913 // VULHUB: VHN-77455 // PACKETSTORM: 129861

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2015-00188

AFFECTED PRODUCTS

vendor:tp linkmodel:tl-wr840nscope:eqversion:3.13.27

Trust: 1.6

vendor:tp linkmodel:tl-wr840nscope: - version: -

Trust: 0.8

vendor:tp linkmodel:tl-wr840nscope:ltversion:3.13.27 build 141120

Trust: 0.8

vendor:tp linkmodel:tl-wr840n buildscope:lteversion:<=3.13.27140714

Trust: 0.6

vendor:tp linkmodel:tl-wr840n buildscope:eqversion:v13.13.27140714

Trust: 0.3

vendor:tp linkmodel:tl-wr840nscope:eqversion:v13.13.27

Trust: 0.3

vendor:tp linkmodel:tl-wr840n buildscope:neversion:v13.13.27141120

Trust: 0.3

sources: CNVD: CNVD-2015-00188 // BID: 71913 // JVNDB: JVNDB-2014-007578 // CNNVD: CNNVD-201501-184 // NVD: CVE-2014-9510

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2014-9510
value: MEDIUM

Trust: 1.0

NVD: CVE-2014-9510
value: MEDIUM

Trust: 0.8

CNVD: CNVD-2015-00188
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201501-184
value: MEDIUM

Trust: 0.6

VULHUB: VHN-77455
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2014-9510
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

CNVD: CNVD-2015-00188
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-77455
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2015-00188 // VULHUB: VHN-77455 // JVNDB: JVNDB-2014-007578 // CNNVD: CNNVD-201501-184 // NVD: CVE-2014-9510

PROBLEMTYPE DATA

problemtype:CWE-352

Trust: 1.9

sources: VULHUB: VHN-77455 // JVNDB: JVNDB-2014-007578 // NVD: CVE-2014-9510

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201501-184

TYPE

cross-site request forgery

Trust: 0.6

sources: CNNVD: CNNVD-201501-184

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2014-007578

EXPLOIT AVAILABILITY
sources:
            
            
            VULHUB: VHN-77455

PATCH
title:TL-WR840Nurl:http://www.tp-link.com/en/support/download/?model=TL-WR840N&version=V1
Trust: 0.8
title:TP-Link TL-WR840N 'Import Configuration' option cross-site request forgery vulnerability patchurl:https://www.cnvd.org.cn/patchInfo/show/53779
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2015-00188 // 
            
            
            
            JVNDB: JVNDB-2014-007578

EXTERNAL IDS
db:NVDid:CVE-2014-9510
Trust: 3.5
db:BIDid:71913
Trust: 2.6
db:JVNDBid:JVNDB-2014-007578
Trust: 0.8
db:CNNVDid:CNNVD-201501-184
Trust: 0.7
db:CNVDid:CNVD-2015-00188
Trust: 0.6
db:PACKETSTORMid:129861
Trust: 0.2
db:VULHUBid:VHN-77455
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2015-00188 // 
            
            
            
            VULHUB: VHN-77455 // 
            
            
            
            BID: 71913 // 
            
            
            
            JVNDB: JVNDB-2014-007578 // 
            
            
            
            PACKETSTORM: 129861 // 
            
            
            
            CNNVD: CNNVD-201501-184 // 
            
            
            
            NVD: CVE-2014-9510

REFERENCES
url:http://www.securityfocus.com/bid/71913
Trust: 2.3
url:http://seclists.org/fulldisclosure/2015/jan/14
Trust: 1.7
url:http://www.secureworks.com/cyber-threat-intelligence/advisories/swrx-2015-001/
Trust: 1.7
url:http://www.tp-link.com/en/support/download/?model=tl-wr840n&version=v1
Trust: 1.6
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9510
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9510
Trust: 0.8
url:http://www.tp-link.com/en/
Trust: 0.3
url:http://www.secureworks.com/advisories/swrx-2015-001/swrx-2015-001.pdf
Trust: 0.3
url:http://www.tp-link.com/en/support/download/?model=tl-wr840n&amp;version=v1
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2014-9510
Trust: 0.1
url:http://www.secureworks.com/cyber-threat-intelligence/advisories/swrx-2015-00
Trust: 0.1
sources:
            
            
            CNVD: CNVD-2015-00188 // 
            
            
            
            VULHUB: VHN-77455 // 
            
            
            
            BID: 71913 // 
            
            
            
            JVNDB: JVNDB-2014-007578 // 
            
            
            
            PACKETSTORM: 129861 // 
            
            
            
            CNNVD: CNNVD-201501-184 // 
            
            
            
            NVD: CVE-2014-9510

CREDITS
Sean Wright, Dell SecureWorks
Trust: 0.9
sources:
            
            
            BID: 71913 // 
            
            
            
            CNNVD: CNNVD-201501-184

SOURCES
db:CNVDid:CNVD-2015-00188
db:VULHUBid:VHN-77455
db:BIDid:71913
db:JVNDBid:JVNDB-2014-007578
db:PACKETSTORMid:129861
db:CNNVDid:CNNVD-201501-184
db:NVDid:CVE-2014-9510

LAST UPDATE DATE
2025-04-12T23:14:26.576000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2015-00188date:2015-01-09T00:00:00
db:VULHUBid:VHN-77455date:2015-01-13T00:00:00
db:BIDid:71913date:2015-01-07T00:00:00
db:JVNDBid:JVNDB-2014-007578date:2015-01-14T00:00:00
db:CNNVDid:CNNVD-201501-184date:2015-04-30T00:00:00
db:NVDid:CVE-2014-9510date:2025-04-12T10:46:40.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2015-00188date:2015-01-09T00:00:00
db:VULHUBid:VHN-77455date:2015-01-09T00:00:00
db:BIDid:71913date:2015-01-07T00:00:00
db:JVNDBid:JVNDB-2014-007578date:2015-01-14T00:00:00
db:PACKETSTORMid:129861date:2015-01-08T22:00:25
db:CNNVDid:CNNVD-201501-184date:2015-01-09T00:00:00
db:NVDid:CVE-2014-9510date:2015-01-09T18:59:09.210