CVE-2018-12575

On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web interface are affected by bypass of authentication via an HTTP request.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
VendorProductVersion
tp-linktl-wr841n_firmware
0.9.1_4.16:_4.16
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://software-talk.org/blog/2018/06/tplink-wr841n-broken-auth-cve-2018-12575/
https://software-talk.org/blog/2018/06/tplink-wr841n-broken-auth-cve-2018-12575/