SB2015042207 - Path traversal in multiple TP-LINK products
Published: April 22, 2015 Updated: June 5, 2023
Security Bulletin ID
SB2015042207
Severity
Medium
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Information disclosure
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Path traversal (CVE-ID: CVE-2015-3035)
The vulnerability allows a remote attacker to perform directory traversal attacks.
The vulnerability exists due to input validation error when processing directory traversal sequences. A remote attacker can send a specially crafted HTTP request and read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.
Remediation
Install update from vendor's website.
References
- http://packetstormsecurity.com/files/131378/TP-LINK-Local-File-Disclosure.html
- http://seclists.org/fulldisclosure/2015/Apr/26
- http://www.securityfocus.com/archive/1/535240/100/0/threaded
- http://www.securityfocus.com/bid/74050
- http://www.tp-link.com/en/download/Archer-C5_V1.20.html#Firmware
- http://www.tp-link.com/en/download/Archer-C7_V2.html#Firmware
- http://www.tp-link.com/en/download/Archer-C8_V1.html#Firmware
- http://www.tp-link.com/en/download/Archer-C9_V1.html#Firmware
- http://www.tp-link.com/en/download/TL-WDR3500_V1.html#Firmware
- http://www.tp-link.com/en/download/TL-WDR3600_V1.html#Firmware
- http://www.tp-link.com/en/download/TL-WDR4300_V1.html#Firmware
- http://www.tp-link.com/en/download/TL-WR740N_V5.html#Firmware
- http://www.tp-link.com/en/download/TL-WR741ND_V5.html#Firmware
- http://www.tp-link.com/en/download/TL-WR841N_V9.html#Firmware
- http://www.tp-link.com/en/download/TL-WR841ND_V9.html#Firmware
- https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150410-0_TP-Link_Unauthenticated_local_file_disclosure_vulnerability_v10.txt