Details of VAR-202101-0623

ID

VAR-202101-0623

CVE

CVE-2020-36178

TITLE

TP-Link TL-WR840N In OS Command injection vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2020-015484

DESCRIPTION

oal_ipt_addBridgeIsolationRules on TP-Link TL-WR840N 6_EU_0.9.1_4.16 devices allows OS command injection because a raw string entered from the web interface (an IP address field) is used directly for a call to the system library function (for iptables). NOTE: oal_ipt_addBridgeIsolationRules is not the only function that calls util_execSystem. TP-Link TL-WR840N Has OS A command injection vulnerability exists.Information is obtained, information is tampered with, and service is disrupted (DoS) It may be put into a state. TP-LINK TL-WR840N is a wireless router with 13 channels and supports VPN function. The oal_ipt_addBridgeIsolationRules in TP-Link TL-WR840N 6_EU_0.9.1_4.16 has an OS command injection vulnerability. The vulnerability stems from the original string input from the Web interface is directly used to call system library functions. Attackers can use this vulnerability to inject OS commands

Trust: 2.16

sources: NVD: CVE-2020-36178 // JVNDB: JVNDB-2020-015484 // CNVD: CNVD-2021-04412

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2021-04412

AFFECTED PRODUCTS

vendor:	tp link	model:	tl-wr840n	scope:	eq	version:	6_eu_0.9.1_4.16	Trust: 1.0
vendor:	tp link	model:	tl-wr840n	scope:	eq	version:	-	Trust: 0.8
vendor:	tp link	model:	tl-wr840n	scope:	eq	version:	tl-wr840n firmware 6_eu_0.9.1_4.16	Trust: 0.8
vendor:	tp link	model:	tl-wr840n 6 eu 0.9.1 4.16	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2021-04412 // JVNDB: JVNDB-2020-015484 // NVD: CVE-2020-36178

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-36178
value:	CRITICAL
Trust: 1.0
NVD:	CVE-2020-36178
value:	CRITICAL
Trust: 0.8
CNVD:	CNVD-2021-04412
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2020-36178
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2021-04412
severity:	HIGH
baseScore:	10.0
vectorString:	AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2020-36178
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2020-36178
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2021-04412 // JVNDB: JVNDB-2020-015484 // NVD: CVE-2020-36178

PROBLEMTYPE DATA

problemtype:	CWE-78	Trust: 1.0
problemtype:	OS Command injection (CWE-78) [NVD Evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2020-015484 // NVD: CVE-2020-36178

PATCH

title:

Download for TL-WR840N V6

url:

https://www.tp-link.com/en/support/download/tl-wr840n/v6/#Firmware

Trust: 0.8

sources: JVNDB: JVNDB-2020-015484

EXTERNAL IDS

db:	NVD	id:	CVE-2020-36178	Trust: 2.4
db:	JVNDB	id:	JVNDB-2020-015484	Trust: 0.8
db:	CNVD	id:	CNVD-2021-04412	Trust: 0.6

sources: CNVD: CNVD-2021-04412 // JVNDB: JVNDB-2020-015484 // NVD: CVE-2020-36178

REFERENCES

url:	https://github.com/therealunicornsecurity/therealunicornsecurity.github.io/blob/master/_posts/2020-10-11-tplink.md	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2020-36178	Trust: 1.4
url:	https://therealunicornsecurity.github.io/tplink/	Trust: 1.0
url:	https://www.tp-link.com/fr/support/download/tl-wr840n/v6/#firmware	Trust: 1.0

sources: CNVD: CNVD-2021-04412 // JVNDB: JVNDB-2020-015484 // NVD: CVE-2020-36178

SOURCES

db:	CNVD	id:	CNVD-2021-04412
db:	JVNDB	id:	JVNDB-2020-015484
db:	NVD	id:	CVE-2020-36178

LAST UPDATE DATE

2024-11-23T22:20:54.412000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2021-04412	date:	2021-01-20T00:00:00
db:	JVNDB	id:	JVNDB-2020-015484	date:	2021-09-28T02:35:00
db:	NVD	id:	CVE-2020-36178	date:	2024-11-21T05:28:54.057

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2021-04412	date:	2021-01-20T00:00:00
db:	JVNDB	id:	JVNDB-2020-015484	date:	2021-09-28T00:00:00
db:	NVD	id:	CVE-2020-36178	date:	2021-01-06T21:15:14.317