admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2020/CVE-2020-355xx/CVE-2020-35575.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

867 lines
23 KiB
JSON
Raw Blame History

{
"id": "CVE-2020-35575",
"sourceIdentifier": "cve@mitre.org",
"published": "2020-12-26T02:15:12.870",
"lastModified": "2024-11-21T05:27:36.917",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices."
},
{
"lang": "es",
"value": "Un problema de divulgaci\u00f3n de contrase\u00f1a en la interfaz web de determinados dispositivos TP-Link permite a un atacante remoto obtener acceso administrativo completo al panel web. Esto afecta a los dispositivos WA901ND versiones anteriores a 3.16.9(201211) beta, y los dispositivos Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR840249N, WR840249N, Dispositivos WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N y WRD4300"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wa901nd_firmware:*:*:*:*:*:*:*:*",
"versionEndExcluding": "3.16.9\\(201211\\)_beta",
"matchCriteriaId": "78454764-D995-4121-B5D4-7EB8D2D25C56"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wa901nd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3D360D3B-C006-4678-9D2A-2F8B133D8A51"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_c5_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C29C27F0-386F-46C7-A2FA-2ADE81887ABA"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_c5:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C25DA417-60F3-4E78-A770-709E4FF04504"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:archer_c7_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C56C283F-CEB9-4DB9-B7F7-3F3C01E8BDDB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:archer_c7:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DEDC2B7F-FB5F-4EFF-B928-98CA250CB7A6"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:mr3420_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8F596DB1-A414-4528-A075-AEB9B4C9A836"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:mr3420:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE2F6C3-F312-489B-9688-3425D5F70B7B"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:mr6400_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "108C6248-A5AA-4C55-8DD3-6355C1423DA2"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:mr6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F28ABF89-111A-49E0-9FCF-88C73A49D4B5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wa701nd_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6898D0DA-977C-4274-AFE7-15949075EBF0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wa701nd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "927C2347-E983-4B56-8CEE-C38E983F5527"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wa801nd_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CD656094-A2F9-4E51-9011-2D36EB668BBC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wa801nd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "D6B1E54A-036A-4B0B-AB37-B68651234D9F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wdr3500_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A6B2A9-E063-459B-AE3B-4F54591DA0FF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wdr3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DBBD8E7C-A05F-4F61-B91C-2228B1B7C989"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wdr3600_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EA0B6B6A-89C6-4AB5-AD7E-5B22A5A767A9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wdr3600:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28E797DA-B428-439E-A31C-B4E6B3BB2180"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:we843n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BFE110E1-D900-4A89-80F7-3B70227BCF74"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:we843n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C3338F5-B1BF-4B18-A725-544F4D90BD8F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wr1043nd_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "94301AEF-B801-4BE4-AD8F-ED732680461C"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wr1043nd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C8079B0F-1061-4DA1-B43D-1CDDB60D6DC5"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wr1045nd_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5372D0C1-B2A8-4A83-BB88-3C3D97C4C5BB"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wr1045nd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E2F5D576-CC51-4D18-B9FC-75496CFB85EC"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wr740n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CE51163-C290-4C5D-A187-5AC3933CCD93"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wr740n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FF514269-E922-4F2B-9A14-B99AA66C5BDE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wr741nd_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0DCD1B98-1A1F-45CF-AD3A-78F45E8D14F9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wr741nd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "87251418-A84D-4BA2-A016-349E980BD04E"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wr749n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3850BA2F-EE3C-4C44-A26F-353E46E40077"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wr749n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E290F2A8-C798-49F7-A560-CCEC8BCF3861"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wr802n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91EF60F7-D1B5-4A21-97C1-91E902CD02D1"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wr802n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "02D02C2D-AEF5-4B53-AA4F-43884D604F7A"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wr840n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3E3355F6-8EAF-43DD-A946-7492C63E2805"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wr840n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1D05124E-DAD8-4F65-804C-4BBD0AA2637F"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wr841hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6B88EDFD-0DFF-43C6-99BE-73EB321016EC"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wr841hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B0C9B9EA-D52D-47E5-841F-279CA21C5992"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wr841n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3885AABC-674C-4C11-8749-20949AD3A9D0"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wr841n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FFE54BD8-2B60-41D1-B9A7-7DF60E855120"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wr842n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0C871979-0156-4BEB-AFB2-976D8213D6A9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wr842n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "89313A6F-A222-490E-9A31-2E4E71B4F789"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wr842nd_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "0B1D5E20-2D4D-4CBC-A97A-F6AB52575049"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wr842nd:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EDE2A50B-197D-4FBE-980E-775D5947FF5C"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wr845n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DE2B244B-B379-4FAE-B9A2-2A0B7E6F068E"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wr845n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "57E0FBB1-8836-4F77-BB29-E332073F90FE"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wr940n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "B954DE5B-3D99-43B6-8BC2-67E37581E911"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wr940n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "839BE14B-F80C-4788-94ED-E6D7FC3BE290"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wr941hp_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C584EB85-EC07-44BE-A7F3-EF164955670A"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wr941hp:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EBC75F36-DD1D-4152-9583-105C1BDC6A2D"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wr945n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2423E4EB-547B-47C2-9238-47428375BD97"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wr945n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "BC3F2019-E1AB-4EEA-951F-1C9EEFE52506"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wr949n_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E3A83783-C56D-49F9-8D81-69D2C5AB3633"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wr949n:-:*:*:*:*:*:*:*",
"matchCriteriaId": "71BA5B32-2AA9-4462-BFF5-AF4958CDDCE9"
}
]
}
]
},
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:tp-link:wrd4300_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "03F3ABE3-5679-4898-8C72-C084FC4D9DD9"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:h:tp-link:wrd4300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "42E905BF-2020-44B3-A742-8E50A0DE1373"
}
]
}
]
}
],
"references": [
{
"url": "http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://pastebin.com/F8AuUdck",
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot%28201211%29.zip",
"source": "cve@mitre.org"
},
{
"url": "https://www.tp-link.com/us/security",
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
]
},
{
"url": "http://packetstormsecurity.com/files/163274/TP-Link-TL-WR841N-Command-Injection.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://pastebin.com/F8AuUdck",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://static.tp-link.com/2020/202012/20201214/wa901ndv5_eu_3_16_9_up_boot%28201211%29.zip",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.tp-link.com/us/security",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink