Details of VAR-202312-0648

ID

VAR-202312-0648

CVE

CVE-2023-50224

TITLE

TP-LINK Technologies of TL-WR841N Firmware Spoofing Authentication Bypass Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2023-029479

DESCRIPTION

TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from improper authentication. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-19899

Trust: 2.34

sources: NVD: CVE-2023-50224 // JVNDB: JVNDB-2023-029479 // ZDI: ZDI-23-1808 // VULMON: CVE-2023-50224

AFFECTED PRODUCTS

vendor:	tp link	model:	tl-wr841n	scope:	-	version:	-	Trust: 1.5
vendor:	tp link	model:	tl-wr841n	scope:	eq	version:	3.16.9	Trust: 1.0
vendor:	tp link	model:	tl-wr841n	scope:	eq	version:	-	Trust: 0.8
vendor:	tp link	model:	tl-wr841n	scope:	eq	version:	tl-wr841n firmware 3.16.9	Trust: 0.8

sources: ZDI: ZDI-23-1808 // JVNDB: JVNDB-2023-029479 // NVD: CVE-2023-50224

CVSS

SEVERITY

CVSSV2

CVSSV3

zdi-disclosures@trendmicro.com:	CVE-2023-50224
value:	MEDIUM
Trust: 1.0
OTHER:	JVNDB-2023-029479
value:	MEDIUM
Trust: 0.8
ZDI:	CVE-2023-50224
value:	MEDIUM
Trust: 0.7

zdi-disclosures@trendmicro.com:	CVE-2023-50224
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.0
Trust: 1.0
OTHER:	JVNDB-2023-029479
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8
ZDI:	CVE-2023-50224
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-23-1808 // JVNDB: JVNDB-2023-029479 // NVD: CVE-2023-50224

PROBLEMTYPE DATA

problemtype:	CWE-290	Trust: 1.0
problemtype:	Avoid authentication by spoofing (CWE-290) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2023-029479 // NVD: CVE-2023-50224

PATCH

title:

TP-Link has issued an update to correct this vulnerability.#Firmware

url:

https://www.tp-link.com/en/support/download/tl-wr841n/v12/

Trust: 0.7

sources: ZDI: ZDI-23-1808

EXTERNAL IDS

db:	NVD	id:	CVE-2023-50224	Trust: 3.4
db:	ZDI	id:	ZDI-23-1808	Trust: 2.6
db:	JVNDB	id:	JVNDB-2023-029479	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-19899	Trust: 0.7
db:	VULMON	id:	CVE-2023-50224	Trust: 0.1

sources: ZDI: ZDI-23-1808 // VULMON: CVE-2023-50224 // JVNDB: JVNDB-2023-029479 // NVD: CVE-2023-50224

REFERENCES

url:	https://www.zerodayinitiative.com/advisories/zdi-23-1808/	Trust: 1.9
url:	https://www.tp-link.com/en/support/download/tl-wr841n/v12/#firmware	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2023-50224	Trust: 0.8
url:	https://www.tp-link.com/en/support/download/tl-wr841n/v12/	Trust: 0.7

sources: ZDI: ZDI-23-1808 // VULMON: CVE-2023-50224 // JVNDB: JVNDB-2023-029479 // NVD: CVE-2023-50224

CREDITS

Aleksandar Djurdjevic 'revengsmK'

Trust: 0.7

sources: ZDI: ZDI-23-1808

SOURCES

db:	ZDI	id:	ZDI-23-1808
db:	VULMON	id:	CVE-2023-50224
db:	JVNDB	id:	JVNDB-2023-029479
db:	NVD	id:	CVE-2023-50224

LAST UPDATE DATE

2025-08-10T23:20:40.649000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-23-1808	date:	2023-12-19T00:00:00
db:	JVNDB	id:	JVNDB-2023-029479	date:	2025-08-08T08:16:00
db:	NVD	id:	CVE-2023-50224	date:	2025-08-07T15:57:38.267

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-23-1808	date:	2023-12-19T00:00:00
db:	JVNDB	id:	JVNDB-2023-029479	date:	2025-08-08T00:00:00
db:	NVD	id:	CVE-2023-50224	date:	2024-05-03T03:16:10.833