Lucene search

[email protected]CVE-2018-3949

HistoryDec 01, 2018 - 3:29 a.m.

CVE-2018-3949

2018-12-0103:29:00

CWE-22

[email protected]

web.nvd.nist.gov

In Wild

cve-2018-3949

information disclosure

http server

tp-link

directory traversal

authentication bypass

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.2 High

AI Score

Confidence

High

0.033 Low

EPSS

Percentile

91.4%

JSON

An exploitable information disclosure vulnerability exists in the HTTP server functionality of the TP-Link TL-R600VPN. A specially crafted URL can cause a directory traversal, resulting in the disclosure of sensitive system files. An attacker can send either an unauthenticated or an authenticated web request to trigger this vulnerability.

Affected configurations

Vulners

NVD

Node

talostp-linkRange≤TP-Link TL-R600VPN HWv3 FRNv1.3.0 TP-Link TL-R600VPN HWv2 FRNv1.2.3

CPENameOperatorVersion
tp-link:tl-r600vpn_firmwaretp-link tl-r600vpn firmwareeq1.3.0

CPE	Name	Operator	Version
tp-link:tl-r600vpn_firmware	tp-link tl-r600vpn firmware	eq	1.3.0

CNA Affected

[
  {
    "product": "TP-Link",
    "vendor": "Talos",
    "versions": [
      {
        "status": "affected",
        "version": "TP-Link TL-R600VPN HWv3 FRNv1.3.0 TP-Link TL-R600VPN HWv2 FRNv1.2.3"
      }
    ]
  }
]