CVE-2020-35575

A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
VendorProductVersion
tp-linkwa901nd_firmware
𝑥
< 3.16.9\(201211\)_beta
tp-linkarcher_c5_firmware
-
tp-linkarcher_c7_firmware
-
tp-linkmr3420_firmware
-
tp-linkmr6400_firmware
-
tp-linkwa701nd_firmware
-
tp-linkwa801nd_firmware
-
tp-linkwdr3500_firmware
-
tp-linkwdr3600_firmware
-
tp-linkwe843n_firmware
-
tp-linkwr1043nd_firmware
-
tp-linkwr1045nd_firmware
-
tp-linkwr740n_firmware
-
tp-linkwr741nd_firmware
-
tp-linkwr749n_firmware
-
tp-linkwr802n_firmware
-
tp-linkwr840n_firmware
-
tp-linkwr841hp_firmware
-
tp-linkwr841n_firmware
-
tp-linkwr842n_firmware
-
tp-linkwr842nd_firmware
-
tp-linkwr845n_firmware
-
tp-linkwr940n_firmware
-
tp-linkwr941hp_firmware
-
tp-linkwr945n_firmware
-
tp-linkwr949n_firmware
-
tp-linkwrd4300_firmware
-
𝑥
= Vulnerable software versions
References
http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html
https://pastebin.com/F8AuUdck
https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot%28201211%29.zip
https://www.tp-link.com/us/security
http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html
https://pastebin.com/F8AuUdck
https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot%28201211%29.zip
https://www.tp-link.com/us/security