Search

Find a vulnerability

Search criteria

    10 vulnerabilities found for archer_c5_firmware by tp-link

    CVE-2022-4498 (GCVE-0-2022-4498)

    Vulnerability from nvd – Published: 2023-01-11 20:38 – Updated: 2025-11-04 19:14
    VLAI
    Title
    A vulnerable HTTP Basic Authentication process in TP-Link routers, Archer C5 and WR710N-V1, is susceptible to either a DoS or an arbitrary code execution via any interface.
    Summary
    In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This can result in either a DoS (by crashing the httpd process) or an arbitrary code execution.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T19:14:14.345Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://kb.cert.org/vuls/id/572615"
              },
              {
                "url": "https://www.kb.cert.org/vuls/id/572615"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-4498",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-09T14:14:59.035196Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-09T14:15:15.560Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WR710N",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1-151022"
                }
              ]
            },
            {
              "product": "Archer C5",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "V2_160221_US"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This can result in either a DoS (by crashing the httpd process) or an arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-11T20:38:37.312Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "url": "https://kb.cert.org/vuls/id/572615"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "A vulnerable HTTP Basic Authentication process in TP-Link routers, Archer C5 and WR710N-V1, is susceptible to either a DoS or an arbitrary code execution via any interface.",
          "x_generator": {
            "engine": "VINCE 2.0.5",
            "env": "prod",
            "origin": "https://cveawg.mitre.org/api//cve/CVE-2022-4498"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2022-4498",
        "datePublished": "2023-01-11T20:38:37.312Z",
        "dateReserved": "2022-12-14T17:59:41.586Z",
        "dateUpdated": "2025-11-04T19:14:14.345Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-4499 (GCVE-0-2022-4499)

    Vulnerability from nvd – Published: 2023-01-11 18:48 – Updated: 2025-11-04 19:14
    VLAI
    Title
    The strcmp function in TP-Link routers, Archer C5 and WR710N-V1, used for checking credentials in httpd, is susceptible to a side-channel attack.
    Summary
    TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T19:14:15.425Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://kb.cert.org/vuls/id/572615"
              },
              {
                "url": "https://www.kb.cert.org/vuls/id/572615"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-4499",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-09T13:40:07.571499Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-09T13:40:37.438Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WR710N",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1-151022"
                }
              ]
            },
            {
              "product": "Archer C5",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "V2_160221_US"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-676",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-12T17:03:51.519Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "url": "https://kb.cert.org/vuls/id/572615"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "The strcmp function in TP-Link routers, Archer C5 and WR710N-V1, used for checking credentials in httpd, is susceptible to a side-channel attack.",
          "x_generator": {
            "engine": "VINCE 2.0.5",
            "env": "prod",
            "origin": "https://cveawg.mitre.org/api/cve/CVE-2022-4499"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2022-4499",
        "datePublished": "2023-01-11T18:48:41.778Z",
        "dateReserved": "2022-12-14T18:09:49.250Z",
        "dateUpdated": "2025-11-04T19:14:15.425Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2020-35575 (GCVE-0-2020-35575)

    Vulnerability from nvd – Published: 2020-12-26 02:02 – Updated: 2024-08-04 17:09
    VLAI
    Summary
    A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T17:09:13.414Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tp-link.com/us/security"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot%28201211%29.zip"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://pastebin.com/F8AuUdck"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-06-24T19:06:16.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tp-link.com/us/security"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot%28201211%29.zip"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://pastebin.com/F8AuUdck"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-35575",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.tp-link.com/us/security",
                  "refsource": "MISC",
                  "url": "https://www.tp-link.com/us/security"
                },
                {
                  "name": "https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot(201211).zip",
                  "refsource": "MISC",
                  "url": "https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot(201211).zip"
                },
                {
                  "name": "https://pastebin.com/F8AuUdck",
                  "refsource": "MISC",
                  "url": "https://pastebin.com/F8AuUdck"
                },
                {
                  "name": "http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-35575",
        "datePublished": "2020-12-26T02:02:45.000Z",
        "dateReserved": "2020-12-20T00:00:00.000Z",
        "dateUpdated": "2024-08-04T17:09:13.414Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-19537 (GCVE-0-2018-19537)

    Vulnerability from nvd – Published: 2018-11-26 03:00 – Updated: 2024-08-05 11:37
    VLAI
    Summary
    TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The default password of admin may be used in some cases.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2018-11-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:37:11.533Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/JackDoan/TP-Link-ArcherC5-RCE"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2018-11-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The default password of admin may be used in some cases."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-26T03:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/JackDoan/TP-Link-ArcherC5-RCE"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2018-19537",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The default password of admin may be used in some cases."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/JackDoan/TP-Link-ArcherC5-RCE",
                  "refsource": "MISC",
                  "url": "https://github.com/JackDoan/TP-Link-ArcherC5-RCE"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-19537",
        "datePublished": "2018-11-26T03:00:00.000Z",
        "dateReserved": "2018-11-25T00:00:00.000Z",
        "dateUpdated": "2024-08-05T11:37:11.533Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-3035 (GCVE-0-2015-3035)

    Vulnerability from nvd – Published: 2015-04-17 18:00 – Updated: 2025-10-21 23:56
    VLAI CISA KEVIntel
    Summary
    Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before 150304, and C8 (1.0) with firmware before 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware before 150302, TL-WR740N (5.0) and TL-WR741ND (5.0) with firmware before 150312, and TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), and TL-WR841ND (10.0) with firmware before 150310 allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Date Public
    2015-04-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T05:32:21.387Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/Archer-C9_V1.html#Firmware"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/Archer-C7_V2.html#Firmware"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/TL-WR740N_V5.html#Firmware"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/Archer-C5_V1.20.html#Firmware"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/131378/TP-LINK-Local-File-Disclosure.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/TL-WR841N_V9.html#Firmware"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/TL-WR841ND_V9.html#Firmware"
              },
              {
                "name": "20150410 SEC Consult SA-20150410-0 :: Unauthenticated Local File Disclosure in multiple TP-LINK products (CVE-2015-3035)",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2015/Apr/26"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/TL-WDR3600_V1.html#Firmware"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/TL-WDR3500_V1.html#Firmware"
              },
              {
                "name": "74050",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/74050"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150410-0_TP-Link_Unauthenticated_local_file_disclosure_vulnerability_v10.txt"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/TL-WR741ND_V5.html#Firmware"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/Archer-C8_V1.html#Firmware"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/TL-WDR4300_V1.html#Firmware"
              },
              {
                "name": "20150410 SEC Consult SA-20150410-0 :: Unauthenticated Local File Disclosure in multiple TP-LINK products (CVE-2015-3035)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/535240/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2015-3035",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-04T21:02:10.582295Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2022-03-25",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-3035"
                  },
                  "type": "kev"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-22",
                    "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-21T23:56:02.932Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-3035"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2022-03-25T00:00:00.000Z",
                "value": "CVE-2015-3035 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-04-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before 150304, and C8 (1.0) with firmware before 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware before 150302, TL-WR740N (5.0) and TL-WR741ND (5.0) with firmware before 150312, and TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), and TL-WR841ND (10.0) with firmware before 150310 allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-09T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/Archer-C9_V1.html#Firmware"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/Archer-C7_V2.html#Firmware"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/TL-WR740N_V5.html#Firmware"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/Archer-C5_V1.20.html#Firmware"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/131378/TP-LINK-Local-File-Disclosure.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/TL-WR841N_V9.html#Firmware"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/TL-WR841ND_V9.html#Firmware"
            },
            {
              "name": "20150410 SEC Consult SA-20150410-0 :: Unauthenticated Local File Disclosure in multiple TP-LINK products (CVE-2015-3035)",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2015/Apr/26"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/TL-WDR3600_V1.html#Firmware"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/TL-WDR3500_V1.html#Firmware"
            },
            {
              "name": "74050",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/74050"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150410-0_TP-Link_Unauthenticated_local_file_disclosure_vulnerability_v10.txt"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/TL-WR741ND_V5.html#Firmware"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/Archer-C8_V1.html#Firmware"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/TL-WDR4300_V1.html#Firmware"
            },
            {
              "name": "20150410 SEC Consult SA-20150410-0 :: Unauthenticated Local File Disclosure in multiple TP-LINK products (CVE-2015-3035)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/535240/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2015-3035",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before 150304, and C8 (1.0) with firmware before 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware before 150302, TL-WR740N (5.0) and TL-WR741ND (5.0) with firmware before 150312, and TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), and TL-WR841ND (10.0) with firmware before 150310 allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.tp-link.com/en/download/Archer-C9_V1.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/Archer-C9_V1.html#Firmware"
                },
                {
                  "name": "http://www.tp-link.com/en/download/Archer-C7_V2.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/Archer-C7_V2.html#Firmware"
                },
                {
                  "name": "http://www.tp-link.com/en/download/TL-WR740N_V5.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/TL-WR740N_V5.html#Firmware"
                },
                {
                  "name": "http://www.tp-link.com/en/download/Archer-C5_V1.20.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/Archer-C5_V1.20.html#Firmware"
                },
                {
                  "name": "http://packetstormsecurity.com/files/131378/TP-LINK-Local-File-Disclosure.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/131378/TP-LINK-Local-File-Disclosure.html"
                },
                {
                  "name": "http://www.tp-link.com/en/download/TL-WR841N_V9.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/TL-WR841N_V9.html#Firmware"
                },
                {
                  "name": "http://www.tp-link.com/en/download/TL-WR841ND_V9.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/TL-WR841ND_V9.html#Firmware"
                },
                {
                  "name": "20150410 SEC Consult SA-20150410-0 :: Unauthenticated Local File Disclosure in multiple TP-LINK products (CVE-2015-3035)",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2015/Apr/26"
                },
                {
                  "name": "http://www.tp-link.com/en/download/TL-WDR3600_V1.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/TL-WDR3600_V1.html#Firmware"
                },
                {
                  "name": "http://www.tp-link.com/en/download/TL-WDR3500_V1.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/TL-WDR3500_V1.html#Firmware"
                },
                {
                  "name": "74050",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/74050"
                },
                {
                  "name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150410-0_TP-Link_Unauthenticated_local_file_disclosure_vulnerability_v10.txt",
                  "refsource": "MISC",
                  "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150410-0_TP-Link_Unauthenticated_local_file_disclosure_vulnerability_v10.txt"
                },
                {
                  "name": "http://www.tp-link.com/en/download/TL-WR741ND_V5.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/TL-WR741ND_V5.html#Firmware"
                },
                {
                  "name": "http://www.tp-link.com/en/download/Archer-C8_V1.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/Archer-C8_V1.html#Firmware"
                },
                {
                  "name": "http://www.tp-link.com/en/download/TL-WDR4300_V1.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/TL-WDR4300_V1.html#Firmware"
                },
                {
                  "name": "20150410 SEC Consult SA-20150410-0 :: Unauthenticated Local File Disclosure in multiple TP-LINK products (CVE-2015-3035)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/535240/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2015-3035",
        "datePublished": "2015-04-17T18:00:00.000Z",
        "dateReserved": "2015-04-08T00:00:00.000Z",
        "dateUpdated": "2025-10-21T23:56:02.932Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-4498 (GCVE-0-2022-4498)

    Vulnerability from cvelistv5 – Published: 2023-01-11 20:38 – Updated: 2025-11-04 19:14
    VLAI
    Title
    A vulnerable HTTP Basic Authentication process in TP-Link routers, Archer C5 and WR710N-V1, is susceptible to either a DoS or an arbitrary code execution via any interface.
    Summary
    In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This can result in either a DoS (by crashing the httpd process) or an arbitrary code execution.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T19:14:14.345Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://kb.cert.org/vuls/id/572615"
              },
              {
                "url": "https://www.kb.cert.org/vuls/id/572615"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 9.8,
                  "baseSeverity": "CRITICAL",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-4498",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-09T14:14:59.035196Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-09T14:15:15.560Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WR710N",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1-151022"
                }
              ]
            },
            {
              "product": "Archer C5",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "V2_160221_US"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This can result in either a DoS (by crashing the httpd process) or an arbitrary code execution."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-11T20:38:37.312Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "url": "https://kb.cert.org/vuls/id/572615"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "A vulnerable HTTP Basic Authentication process in TP-Link routers, Archer C5 and WR710N-V1, is susceptible to either a DoS or an arbitrary code execution via any interface.",
          "x_generator": {
            "engine": "VINCE 2.0.5",
            "env": "prod",
            "origin": "https://cveawg.mitre.org/api//cve/CVE-2022-4498"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2022-4498",
        "datePublished": "2023-01-11T20:38:37.312Z",
        "dateReserved": "2022-12-14T17:59:41.586Z",
        "dateUpdated": "2025-11-04T19:14:14.345Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-4499 (GCVE-0-2022-4499)

    Vulnerability from cvelistv5 – Published: 2023-01-11 18:48 – Updated: 2025-11-04 19:14
    VLAI
    Title
    The strcmp function in TP-Link routers, Archer C5 and WR710N-V1, used for checking credentials in httpd, is susceptible to a side-channel attack.
    Summary
    TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2025-11-04T19:14:15.425Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://kb.cert.org/vuls/id/572615"
              },
              {
                "url": "https://www.kb.cert.org/vuls/id/572615"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-4499",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-09T13:40:07.571499Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-09T13:40:37.438Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WR710N",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "V1-151022"
                }
              ]
            },
            {
              "product": "Archer C5",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "V2_160221_US"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. By measuring the response time of the httpd process, an attacker could guess each byte of the username and password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-676",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-12T17:03:51.519Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "url": "https://kb.cert.org/vuls/id/572615"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "The strcmp function in TP-Link routers, Archer C5 and WR710N-V1, used for checking credentials in httpd, is susceptible to a side-channel attack.",
          "x_generator": {
            "engine": "VINCE 2.0.5",
            "env": "prod",
            "origin": "https://cveawg.mitre.org/api/cve/CVE-2022-4499"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2022-4499",
        "datePublished": "2023-01-11T18:48:41.778Z",
        "dateReserved": "2022-12-14T18:09:49.250Z",
        "dateUpdated": "2025-11-04T19:14:15.425Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2020-35575 (GCVE-0-2020-35575)

    Vulnerability from cvelistv5 – Published: 2020-12-26 02:02 – Updated: 2024-08-04 17:09
    VLAI
    Summary
    A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T17:09:13.414Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.tp-link.com/us/security"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot%28201211%29.zip"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://pastebin.com/F8AuUdck"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-06-24T19:06:16.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.tp-link.com/us/security"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot%28201211%29.zip"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://pastebin.com/F8AuUdck"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-35575",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.tp-link.com/us/security",
                  "refsource": "MISC",
                  "url": "https://www.tp-link.com/us/security"
                },
                {
                  "name": "https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot(201211).zip",
                  "refsource": "MISC",
                  "url": "https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot(201211).zip"
                },
                {
                  "name": "https://pastebin.com/F8AuUdck",
                  "refsource": "MISC",
                  "url": "https://pastebin.com/F8AuUdck"
                },
                {
                  "name": "http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-35575",
        "datePublished": "2020-12-26T02:02:45.000Z",
        "dateReserved": "2020-12-20T00:00:00.000Z",
        "dateUpdated": "2024-08-04T17:09:13.414Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-19537 (GCVE-0-2018-19537)

    Vulnerability from cvelistv5 – Published: 2018-11-26 03:00 – Updated: 2024-08-05 11:37
    VLAI
    Summary
    TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The default password of admin may be used in some cases.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2018-11-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:37:11.533Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/JackDoan/TP-Link-ArcherC5-RCE"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2018-11-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The default password of admin may be used in some cases."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-11-26T03:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/JackDoan/TP-Link-ArcherC5-RCE"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2018-19537",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The default password of admin may be used in some cases."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/JackDoan/TP-Link-ArcherC5-RCE",
                  "refsource": "MISC",
                  "url": "https://github.com/JackDoan/TP-Link-ArcherC5-RCE"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-19537",
        "datePublished": "2018-11-26T03:00:00.000Z",
        "dateReserved": "2018-11-25T00:00:00.000Z",
        "dateUpdated": "2024-08-05T11:37:11.533Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-3035 (GCVE-0-2015-3035)

    Vulnerability from cvelistv5 – Published: 2015-04-17 18:00 – Updated: 2025-10-21 23:56
    VLAI CISA KEVIntel
    Summary
    Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before 150304, and C8 (1.0) with firmware before 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware before 150302, TL-WR740N (5.0) and TL-WR741ND (5.0) with firmware before 150312, and TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), and TL-WR841ND (10.0) with firmware before 150310 allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.
    SSVC
    Exploitation: active Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Date Public
    2015-04-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T05:32:21.387Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/Archer-C9_V1.html#Firmware"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/Archer-C7_V2.html#Firmware"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/TL-WR740N_V5.html#Firmware"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/Archer-C5_V1.20.html#Firmware"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://packetstormsecurity.com/files/131378/TP-LINK-Local-File-Disclosure.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/TL-WR841N_V9.html#Firmware"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/TL-WR841ND_V9.html#Firmware"
              },
              {
                "name": "20150410 SEC Consult SA-20150410-0 :: Unauthenticated Local File Disclosure in multiple TP-LINK products (CVE-2015-3035)",
                "tags": [
                  "mailing-list",
                  "x_refsource_FULLDISC",
                  "x_transferred"
                ],
                "url": "http://seclists.org/fulldisclosure/2015/Apr/26"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/TL-WDR3600_V1.html#Firmware"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/TL-WDR3500_V1.html#Firmware"
              },
              {
                "name": "74050",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/74050"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150410-0_TP-Link_Unauthenticated_local_file_disclosure_vulnerability_v10.txt"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/TL-WR741ND_V5.html#Firmware"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/Archer-C8_V1.html#Firmware"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.tp-link.com/en/download/TL-WDR4300_V1.html#Firmware"
              },
              {
                "name": "20150410 SEC Consult SA-20150410-0 :: Unauthenticated Local File Disclosure in multiple TP-LINK products (CVE-2015-3035)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/535240/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 7.5,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2015-3035",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-04T21:02:10.582295Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2022-03-25",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-3035"
                  },
                  "type": "kev"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-22",
                    "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-10-21T23:56:02.932Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-3035"
              }
            ],
            "timeline": [
              {
                "lang": "en",
                "time": "2022-03-25T00:00:00.000Z",
                "value": "CVE-2015-3035 added to CISA KEV"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-04-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before 150304, and C8 (1.0) with firmware before 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware before 150302, TL-WR740N (5.0) and TL-WR741ND (5.0) with firmware before 150312, and TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), and TL-WR841ND (10.0) with firmware before 150310 allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-09T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/Archer-C9_V1.html#Firmware"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/Archer-C7_V2.html#Firmware"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/TL-WR740N_V5.html#Firmware"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/Archer-C5_V1.20.html#Firmware"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://packetstormsecurity.com/files/131378/TP-LINK-Local-File-Disclosure.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/TL-WR841N_V9.html#Firmware"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/TL-WR841ND_V9.html#Firmware"
            },
            {
              "name": "20150410 SEC Consult SA-20150410-0 :: Unauthenticated Local File Disclosure in multiple TP-LINK products (CVE-2015-3035)",
              "tags": [
                "mailing-list",
                "x_refsource_FULLDISC"
              ],
              "url": "http://seclists.org/fulldisclosure/2015/Apr/26"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/TL-WDR3600_V1.html#Firmware"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/TL-WDR3500_V1.html#Firmware"
            },
            {
              "name": "74050",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/74050"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150410-0_TP-Link_Unauthenticated_local_file_disclosure_vulnerability_v10.txt"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/TL-WR741ND_V5.html#Firmware"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/Archer-C8_V1.html#Firmware"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.tp-link.com/en/download/TL-WDR4300_V1.html#Firmware"
            },
            {
              "name": "20150410 SEC Consult SA-20150410-0 :: Unauthenticated Local File Disclosure in multiple TP-LINK products (CVE-2015-3035)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/535240/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2015-3035",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before 150304, and C8 (1.0) with firmware before 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware before 150302, TL-WR740N (5.0) and TL-WR741ND (5.0) with firmware before 150312, and TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), and TL-WR841ND (10.0) with firmware before 150310 allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.tp-link.com/en/download/Archer-C9_V1.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/Archer-C9_V1.html#Firmware"
                },
                {
                  "name": "http://www.tp-link.com/en/download/Archer-C7_V2.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/Archer-C7_V2.html#Firmware"
                },
                {
                  "name": "http://www.tp-link.com/en/download/TL-WR740N_V5.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/TL-WR740N_V5.html#Firmware"
                },
                {
                  "name": "http://www.tp-link.com/en/download/Archer-C5_V1.20.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/Archer-C5_V1.20.html#Firmware"
                },
                {
                  "name": "http://packetstormsecurity.com/files/131378/TP-LINK-Local-File-Disclosure.html",
                  "refsource": "MISC",
                  "url": "http://packetstormsecurity.com/files/131378/TP-LINK-Local-File-Disclosure.html"
                },
                {
                  "name": "http://www.tp-link.com/en/download/TL-WR841N_V9.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/TL-WR841N_V9.html#Firmware"
                },
                {
                  "name": "http://www.tp-link.com/en/download/TL-WR841ND_V9.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/TL-WR841ND_V9.html#Firmware"
                },
                {
                  "name": "20150410 SEC Consult SA-20150410-0 :: Unauthenticated Local File Disclosure in multiple TP-LINK products (CVE-2015-3035)",
                  "refsource": "FULLDISC",
                  "url": "http://seclists.org/fulldisclosure/2015/Apr/26"
                },
                {
                  "name": "http://www.tp-link.com/en/download/TL-WDR3600_V1.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/TL-WDR3600_V1.html#Firmware"
                },
                {
                  "name": "http://www.tp-link.com/en/download/TL-WDR3500_V1.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/TL-WDR3500_V1.html#Firmware"
                },
                {
                  "name": "74050",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/74050"
                },
                {
                  "name": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150410-0_TP-Link_Unauthenticated_local_file_disclosure_vulnerability_v10.txt",
                  "refsource": "MISC",
                  "url": "https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20150410-0_TP-Link_Unauthenticated_local_file_disclosure_vulnerability_v10.txt"
                },
                {
                  "name": "http://www.tp-link.com/en/download/TL-WR741ND_V5.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/TL-WR741ND_V5.html#Firmware"
                },
                {
                  "name": "http://www.tp-link.com/en/download/Archer-C8_V1.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/Archer-C8_V1.html#Firmware"
                },
                {
                  "name": "http://www.tp-link.com/en/download/TL-WDR4300_V1.html#Firmware",
                  "refsource": "CONFIRM",
                  "url": "http://www.tp-link.com/en/download/TL-WDR4300_V1.html#Firmware"
                },
                {
                  "name": "20150410 SEC Consult SA-20150410-0 :: Unauthenticated Local File Disclosure in multiple TP-LINK products (CVE-2015-3035)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/535240/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2015-3035",
        "datePublished": "2015-04-17T18:00:00.000Z",
        "dateReserved": "2015-04-08T00:00:00.000Z",
        "dateUpdated": "2025-10-21T23:56:02.932Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }