← back
CVE-2012-5687

CVE-2012-5687

EPSS 68.7%
Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to the help/ URI.
Affected products
n/a · n/a
public PoCs found2
cve_referencepacketstormsecurity.org/files/117749/TP-LINK-TL-WR841N-Local-File-Inclusion.htmlunverifiedexploitdbwww.exploit-db.com/exploits/24504unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/bugtraq/2012-10/0154.htmlhttp://packetstormsecurity.org/files/117749/TP-LINK-TL-WR841N-Local-File-Inclusion.htmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/79662