Vulnerability-Lookup

CVE-2017-9466 (GCVE-0-2017-9466)

Vulnerability from cvelistv5 – Published: 2017-06-26 07:00 – Updated: 2024-08-05 17:11

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

CNVD-2017-10556

Vulnerability from cnvd - Published: 2017-06-21

Title

TP-LINK WR841N路由器任意代码执行漏洞

Description

TP-Link WR841N是一款SOHO无线路由器。 TP-LINK WR841N V8及之前版本中存在任意代码执行漏洞，攻击者可以绕过访问限制来重置路由器的验证信息（密码等）。在利用该漏洞获得更高权限后，攻击者可以再次利用一个配置服务里存在的栈溢出漏洞来执行代码。

Severity

高

Patch Name

TP-LINK WR841N路由器任意代码执行漏洞的补丁

Patch Description

TP-Link WR841N是一款SOHO无线路由器。 TP-LINK WR841N V8及之前版本中存在任意代码执行漏洞，攻击者可以绕过访问限制来重置路由器的验证信息（密码等）。在利用该漏洞获得更高权限后，攻击者可以再次利用一个配置服务里存在的栈溢出漏洞来执行代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已经发布了升级补丁已修复这个安全问题，请到厂商的主页下载： http://service.tp-link.com.cn/list_download_software_1_0_222.html

Reference

http://blog.senr.io/blog/cve-2017-9466-why-is-my-router-blinking-morse-code http://www.ibtimes.com/router-vulnerability-tp-link-issues-patch-fix-remote-code-execution-exploit-old-2555113 https://threatpost.com/tp-link-fixes-code-execution-vulnerability-in-end-of-life-routers/126416/

Impacted products

Name
TP-LINK WR841N <=V8

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-9466"
    }
  },
  "description": "TP-Link WR841N\u662f\u4e00\u6b3eSOHO\u65e0\u7ebf\u8def\u7531\u5668\u3002\r\n\r\nTP-LINK WR841N V8\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u7ed5\u8fc7\u8bbf\u95ee\u9650\u5236\u6765\u91cd\u7f6e\u8def\u7531\u5668\u7684\u9a8c\u8bc1\u4fe1\u606f\uff08\u5bc6\u7801\u7b49\uff09\u3002\u5728\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u5f97\u66f4\u9ad8\u6743\u9650\u540e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u518d\u6b21\u5229\u7528\u4e00\u4e2a\u914d\u7f6e\u670d\u52a1\u91cc\u5b58\u5728\u7684\u6808\u6ea2\u51fa\u6f0f\u6d1e\u6765\u6267\u884c\u4ee3\u7801\u3002",
  "discovererName": "unknow",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u5df2\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\nhttp://service.tp-link.com.cn/list_download_software_1_0_222.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2017-10556",
  "openTime": "2017-06-21",
  "patchDescription": "TP-Link WR841N\u662f\u4e00\u6b3eSOHO\u65e0\u7ebf\u8def\u7531\u5668\u3002\r\n\r\nTP-LINK WR841N V8\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u7ed5\u8fc7\u8bbf\u95ee\u9650\u5236\u6765\u91cd\u7f6e\u8def\u7531\u5668\u7684\u9a8c\u8bc1\u4fe1\u606f\uff08\u5bc6\u7801\u7b49\uff09\u3002\u5728\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u5f97\u66f4\u9ad8\u6743\u9650\u540e\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u518d\u6b21\u5229\u7528\u4e00\u4e2a\u914d\u7f6e\u670d\u52a1\u91cc\u5b58\u5728\u7684\u6808\u6ea2\u51fa\u6f0f\u6d1e\u6765\u6267\u884c\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "TP-LINK WR841N\u8def\u7531\u5668\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "TP-LINK WR841N \u003c=V8"
  },
  "referenceLink": "http://blog.senr.io/blog/cve-2017-9466-why-is-my-router-blinking-morse-code\r\nhttp://www.ibtimes.com/router-vulnerability-tp-link-issues-patch-fix-remote-code-execution-exploit-old-2555113\r\nhttps://threatpost.com/tp-link-fixes-code-execution-vulnerability-in-end-of-life-routers/126416/",
  "serverity": "\u9ad8",
  "submitTime": "2017-06-21",
  "title": "TP-LINK WR841N\u8def\u7531\u5668\u4efb\u610f\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e"
}

FKIE_CVE-2017-9466

Vulnerability from fkie_nvd - Published: 2017-06-26 07:29 - Updated: 2025-04-20 01:37

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	cve@mitre.org	http://blog.senr.io/blog/cve-2017-9466-why-is-my-router-blinking-morse-code	Exploit, Technical Description, Third Party Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://blog.senr.io/blog/cve-2017-9466-why-is-my-router-blinking-morse-code	Exploit, Technical Description, Third Party Advisory

Impacted products

	Vendor	Product	Version
	tp-link	wr841n_v8_firmware	*
	tp-link	wr841n_v8	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:tp-link:wr841n_v8_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "27E9EF63-0C67-4BD3-8453-40CC03A662A8",
              "versionEndIncluding": "tl-wr841n_v8_140724",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:tp-link:wr841n_v8:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "19358DDB-F638-48C6-A68C-7476804C14DF",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a design flaw in the use of DES for block encryption. This resulted in incorrect access control, which allowed attackers to gain read-write access to system settings through the protected router configuration service tddp via the LAN and Ath0 (Wi-Fi) interfaces."
    },
    {
      "lang": "es",
      "value": "El httpd ejecutable en el router TP-Link WR841N V8, en versiones anteriores a la TL-WR841N(UN)_V8_170210, contiene un fallo de dise\u00f1o en el uso de DES para el cifrado en bloque. Esto result\u00f3 en un control de acceso incorrecto, lo que permit\u00eda que atacantes obtuviesen acceso de lectura-escritura a las opciones del sistema mediante el servicio de configuraci\u00f3n del router protegido tddp mediante las interfaces LAN y Ath0 (Wi-Fi)."
    }
  ],
  "id": "CVE-2017-9466",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-06-26T07:29:00.340",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "http://blog.senr.io/blog/cve-2017-9466-why-is-my-router-blinking-morse-code"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Technical Description",
        "Third Party Advisory"
      ],
      "url": "http://blog.senr.io/blog/cve-2017-9466-why-is-my-router-blinking-morse-code"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-327"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201706-0765

Vulnerability from variot - Updated: 2025-04-20 23:13

The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a design flaw in the use of DES for block encryption. This resulted in incorrect access control, which allowed attackers to gain read-write access to system settings through the protected router configuration service tddp via the LAN and Ath0 (Wi-Fi) interfaces. TP-Link WR841N V8 The router contains a vulnerability related to the use of cryptographic algorithms.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The TP-LinkWR841N is a SOHO wireless router. An arbitrary code execution vulnerability exists in TP-LINKWR841NV8 and earlier. An attacker can bypass the access restrictions to reset the router's authentication information (password, etc.). After exploiting this vulnerability for higher privileges, an attacker could again exploit the stack overflow vulnerability in a configuration service to execute code. TP-Link WR841N V8 is a wireless router product of China Pulian (TP-LINK) company. executable httpd is one of the executable HTTP server programs. There is a security vulnerability in executable httpd in versions earlier than TP-Link WR841N V8 TL-WR841N(UN)_V8_170210

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201706-0765",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "wr841n v8",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "tp link",
        "version": "tl-wr841n_v8_140724"
      },
      {
        "model": "tl-wr841n v8",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "tp link",
        "version": "tl-wr841n(un)_v8_170210"
      },
      {
        "model": "wr841n",
        "scope": "lte",
        "trust": 0.6,
        "vendor": "tp link",
        "version": "\u003c=v8"
      },
      {
        "model": "wr841n v8",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "tp link",
        "version": "tl-wr841n_v8_140724"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-10556"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005275"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-157"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9466"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/o:tp-link:wr841n_v8_firmware",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005275"
      }
    ]
  },
  "cve": "CVE-2017-9466",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2017-9466",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2017-10556",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-117669",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-9466",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-9466",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-9466",
            "trust": 0.8,
            "value": "Critical"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2017-10556",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201706-157",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-117669",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-10556"
      },
      {
        "db": "VULHUB",
        "id": "VHN-117669"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005275"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-157"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9466"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a design flaw in the use of DES for block encryption. This resulted in incorrect access control, which allowed attackers to gain read-write access to system settings through the protected router configuration service tddp via the LAN and Ath0 (Wi-Fi) interfaces. TP-Link WR841N V8 The router contains a vulnerability related to the use of cryptographic algorithms.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The TP-LinkWR841N is a SOHO wireless router. An arbitrary code execution vulnerability exists in TP-LINKWR841NV8 and earlier. An attacker can bypass the access restrictions to reset the router\u0027s authentication information (password, etc.). After exploiting this vulnerability for higher privileges, an attacker could again exploit the stack overflow vulnerability in a configuration service to execute code. TP-Link WR841N V8 is a wireless router product of China Pulian (TP-LINK) company. executable httpd is one of the executable HTTP server programs. There is a security vulnerability in executable httpd in versions earlier than TP-Link WR841N V8 TL-WR841N(UN)_V8_170210",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-9466"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005275"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-10556"
      },
      {
        "db": "VULHUB",
        "id": "VHN-117669"
      }
    ],
    "trust": 2.25
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-9466",
        "trust": 3.1
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005275",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-157",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2017-10556",
        "trust": 0.6
      },
      {
        "db": "SEEBUG",
        "id": "SSVID-93219",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-117669",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-10556"
      },
      {
        "db": "VULHUB",
        "id": "VHN-117669"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005275"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-157"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9466"
      }
    ]
  },
  "id": "VAR-201706-0765",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-10556"
      },
      {
        "db": "VULHUB",
        "id": "VHN-117669"
      }
    ],
    "trust": 1.40865801
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-10556"
      }
    ]
  },
  "last_update_date": "2025-04-20T23:13:05.419000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "TL-WR841N",
        "trust": 0.8,
        "url": "http://www.tp-link.jp/products/details/cat-9_TL-WR841N.html"
      },
      {
        "title": "TP-LINKWR841N router patch for arbitrary code execution vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/96109"
      },
      {
        "title": "TP-Link WR841N V8 executable httpd Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=70789"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-10556"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005275"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-157"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-327",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-117669"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005275"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9466"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.1,
        "url": "http://blog.senr.io/blog/cve-2017-9466-why-is-my-router-blinking-morse-code"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9466"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-9466"
      },
      {
        "trust": 0.6,
        "url": "http://www.ibtimes.com/router-vulnerability-tp-link-issues-patch-fix-remote-code-execution-exploit-old-2555113"
      },
      {
        "trust": 0.6,
        "url": "https://threatpost.com/tp-link-fixes-code-execution-vulnerability-in-end-of-life-routers/126416/"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-10556"
      },
      {
        "db": "VULHUB",
        "id": "VHN-117669"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005275"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-157"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9466"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2017-10556"
      },
      {
        "db": "VULHUB",
        "id": "VHN-117669"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005275"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-157"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9466"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-06-21T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-10556"
      },
      {
        "date": "2017-06-26T00:00:00",
        "db": "VULHUB",
        "id": "VHN-117669"
      },
      {
        "date": "2017-07-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-005275"
      },
      {
        "date": "2017-06-07T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201706-157"
      },
      {
        "date": "2017-06-26T07:29:00.340000",
        "db": "NVD",
        "id": "CVE-2017-9466"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-25T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2017-10556"
      },
      {
        "date": "2017-07-06T00:00:00",
        "db": "VULHUB",
        "id": "VHN-117669"
      },
      {
        "date": "2017-07-25T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-005275"
      },
      {
        "date": "2017-07-06T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201706-157"
      },
      {
        "date": "2025-04-20T01:37:25.860000",
        "db": "NVD",
        "id": "CVE-2017-9466"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-157"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "TP-Link WR841N V8 Vulnerabilities related to the use of cryptographic algorithms in routers",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-005275"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "lack of information",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-157"
      }
    ],
    "trust": 0.6
  }
}

GSD-2017-9466

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2017-9466

Aliases

CVE-2017-9466

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2017-9466",
    "description": "The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a design flaw in the use of DES for block encryption. This resulted in incorrect access control, which allowed attackers to gain read-write access to system settings through the protected router configuration service tddp via the LAN and Ath0 (Wi-Fi) interfaces.",
    "id": "GSD-2017-9466"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-9466"
      ],
      "details": "The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a design flaw in the use of DES for block encryption. This resulted in incorrect access control, which allowed attackers to gain read-write access to system settings through the protected router configuration service tddp via the LAN and Ath0 (Wi-Fi) interfaces.",
      "id": "GSD-2017-9466",
      "modified": "2023-12-13T01:21:07.750417Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2017-9466",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a design flaw in the use of DES for block encryption. This resulted in incorrect access control, which allowed attackers to gain read-write access to system settings through the protected router configuration service tddp via the LAN and Ath0 (Wi-Fi) interfaces."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://blog.senr.io/blog/cve-2017-9466-why-is-my-router-blinking-morse-code",
            "refsource": "MISC",
            "url": "http://blog.senr.io/blog/cve-2017-9466-why-is-my-router-blinking-morse-code"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:tp-link:wr841n_v8_firmware:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "tl-wr841n_v8_140724",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:tp-link:wr841n_v8:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9466"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a design flaw in the use of DES for block encryption. This resulted in incorrect access control, which allowed attackers to gain read-write access to system settings through the protected router configuration service tddp via the LAN and Ath0 (Wi-Fi) interfaces."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-327"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://blog.senr.io/blog/cve-2017-9466-why-is-my-router-blinking-morse-code",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Technical Description",
                "Third Party Advisory"
              ],
              "url": "http://blog.senr.io/blog/cve-2017-9466-why-is-my-router-blinking-morse-code"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2017-07-06T18:19Z",
      "publishedDate": "2017-06-26T07:29Z"
    }
  }
}

GHSA-5M39-QPVM-R38G

Vulnerability from github – Published: 2022-05-17 02:35 – Updated: 2022-05-17 02:35

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2017-9466"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-327"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2017-06-26T07:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a design flaw in the use of DES for block encryption. This resulted in incorrect access control, which allowed attackers to gain read-write access to system settings through the protected router configuration service tddp via the LAN and Ath0 (Wi-Fi) interfaces.",
  "id": "GHSA-5m39-qpvm-r38g",
  "modified": "2022-05-17T02:35:51Z",
  "published": "2022-05-17T02:35:51Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9466"
    },
    {
      "type": "WEB",
      "url": "http://blog.senr.io/blog/cve-2017-9466-why-is-my-router-blinking-morse-code"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-9466 (GCVE-0-2017-9466)

CNVD-2017-10556

FKIE_CVE-2017-9466

VAR-201706-0765

GSD-2017-9466

GHSA-5M39-QPVM-R38G

Tags

Sightings

Nomenclature