CVE-2023-50224
KEVTP-Link TL-WR841N Authentication Bypass by Spoofing Vulnerability
6.5
MediumPublished:
Last updated:
Source:zdi-disclosures@trendmicro.com
Analyzed
Weakness (CWE)
CVSS Vector
v3.0- Attack Vector
- Adjacent
- Attack Complexity
- Low
- Privileges Required
- None
- User Interaction
- None
- Scope
- Unchanged
- Confidentiality
- High
- Integrity
- None
- Availability
- None
Description
TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from improper authentication. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. . Was ZDI-CAN-19899.
References
zdi-disclosures@trendmicro.com
https://www.tp-link.com/en/support/download/tl-wr841n/v12/#Firmwarezdi-disclosures@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-23-1808/af854a3a-2127-422b-91ae-364da2661108
https://www.tp-link.com/en/support/download/tl-wr841n/v12/#Firmwareaf854a3a-2127-422b-91ae-364da2661108
https://www.zerodayinitiative.com/advisories/ZDI-23-1808/134c704f-9b21-4f2e-91b3-4a467353bcc0
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-50224