VAR-202101-0591
Vulnerability from variot - Updated: 2023-12-18 12:49
A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577. The firmware for hardware version V13 (JP) of the TL-WR841N Wi-Fi router provided by TP-Link contains an OS command injection vulnerability (CWE-78). According to TP-Link, this vulnerability does not exist in the firmware for hardware version V14 (JP). Koh You Liang of Three Shake Co., Ltd. reported this vulnerability directly to the product developer, and after coordination with the developer it was announced on JVN in order to inform product users. A user who can log in to the product's web interface may execute OS commands that the firmware design does not intend. The TL-WR841N is a wireless router made by TP-Link, a company in China. Attackers can use this vulnerability to execute arbitrary commands on the system. Because only firmware versions prior to 201216 are listed as affected, V13 (JP) devices should be updated to firmware 201216 or later from the vendor download page listed in the patch section of this record.
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202101-0591",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tl-wr841n",
"scope": "lt",
"trust": 1.6,
"vendor": "tp link",
"version": "201216"
},
{
"model": "tl-wr841n",
"scope": "eq",
"trust": 0.8,
"vendor": "tp link",
"version": "v13 (jp) \u5411\u3051\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 201216"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-20282"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001010"
},
{
"db": "NVD",
"id": "CVE-2020-35576"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:tp-link:tl-wr841n_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "201216",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:tp-link:tl-wr841n:v13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2020-35576"
}
]
},
"cve": "CVE-2020-35576",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "IPA",
"availabilityImpact": "Complete",
"baseScore": 8.5,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "JVNDB-2021-001010",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 8.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.0,
"id": "CNVD-2021-20282",
"impactScore": 8.5,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:C/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULMON",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.0,
"id": "CVE-2020-35576",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "HIGH",
"trust": 0.1,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "IPA",
"availabilityImpact": "High",
"baseScore": 7.2,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "JVNDB-2021-001010",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "High",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2020-35576",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2021-001010",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2021-20282",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-202101-2044",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2020-35576",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-20282"
},
{
"db": "VULMON",
"id": "CVE-2020-35576"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001010"
},
{
"db": "NVD",
"id": "CVE-2020-35576"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-2044"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577. The firmware for hardware version V13 (JP) of the TL-WR841N Wi-Fi router provided by TP-Link contains an OS command injection vulnerability (CWE-78). According to TP-Link, this vulnerability does not exist in the firmware for hardware version V14 (JP). Koh You Liang of Three Shake Co., Ltd. reported this vulnerability directly to the product developer, and after coordination with the developer it was announced on JVN in order to inform product users. A user who can log in to the product's web interface may execute OS commands that the firmware design does not intend. The TL-WR841N is a wireless router made by TP-Link, a company in China. Attackers can use this vulnerability to execute arbitrary commands on the system.",
"sources": [
{
"db": "NVD",
"id": "CVE-2020-35576"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001010"
},
{
"db": "CNVD",
"id": "CNVD-2021-20282"
},
{
"db": "VULMON",
"id": "CVE-2020-35576"
}
],
"trust": 2.25
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2020-35576",
"trust": 3.1
},
{
"db": "JVN",
"id": "JVNVU92444096",
"trust": 2.5
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001010",
"trust": 2.0
},
{
"db": "CNVD",
"id": "CNVD-2021-20282",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-202101-2044",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2020-35576",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-20282"
},
{
"db": "VULMON",
"id": "CVE-2020-35576"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001010"
},
{
"db": "NVD",
"id": "CVE-2020-35576"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-2044"
}
]
},
"id": "VAR-202101-0591",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-20282"
}
],
"trust": 1.0402277199999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-20282"
}
]
},
"last_update_date": "2023-12-18T12:49:22.064000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Download TL-WR841N V13",
"trust": 0.8,
"url": "https://www.tp-link.com/jp/support/download/tl-wr841n/v13/"
},
{
"title": "\u30d5\u30a1\u30fc\u30e0\u30a6\u30a7\u30a2 \u30d0\u30fc\u30b8\u30e7\u30f3\u306e\u78ba\u8a8d\u306e\u3057\u304b\u305f",
"trust": 0.8,
"url": "https://www.tp-link.com/jp/support/faq/315/"
},
{
"title": "Patch for Tp-link TL-WR841N injection vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/254146"
},
{
"title": "Tp-link TL-WR841N Repair measures for injecting vulnerabilities",
"trust": 0.6,
"url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=140022"
},
{
"title": "TL_WR841N",
"trust": 0.1,
"url": "https://github.com/bussy1/tl_wr841n "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/live-hack-cve/cve-2020-35576 "
},
{
"title": "Vulnerability",
"trust": 0.1,
"url": "https://github.com/tzwlhack/vulnerability "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/kaychenvip/vulnerability-poc "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-20282"
},
{
"db": "VULMON",
"id": "CVE-2020-35576"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001010"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-2044"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-78",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-001010"
},
{
"db": "NVD",
"id": "CVE-2020-35576"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://jvn.jp/en/vu/jvnvu92444096/"
},
{
"trust": 1.7,
"url": "https://www.tp-link.com/us/security"
},
{
"trust": 1.7,
"url": "https://www.tp-link.com/jp/support/download/tl-wr841n/v13/#firmware"
},
{
"trust": 1.2,
"url": "https://jvndb.jvn.jp/en/contents/2021/jvndb-2021-001010.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-35576"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu92444096"
},
{
"trust": 0.8,
"url": "https://isopach.dev/cve-2020-35576/"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2020-35576"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"trust": 0.1,
"url": "https://github.com/bussy1/tl_wr841n"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2021-20282"
},
{
"db": "VULMON",
"id": "CVE-2020-35576"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001010"
},
{
"db": "NVD",
"id": "CVE-2020-35576"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-2044"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2021-20282"
},
{
"db": "VULMON",
"id": "CVE-2020-35576"
},
{
"db": "JVNDB",
"id": "JVNDB-2021-001010"
},
{
"db": "NVD",
"id": "CVE-2020-35576"
},
{
"db": "CNNVD",
"id": "CNNVD-202101-2044"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-21T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-20282"
},
{
"date": "2021-01-26T00:00:00",
"db": "VULMON",
"id": "CVE-2020-35576"
},
{
"date": "2021-01-25T06:06:59",
"db": "JVNDB",
"id": "JVNDB-2021-001010"
},
{
"date": "2021-01-26T18:15:54.223000",
"db": "NVD",
"id": "CVE-2020-35576"
},
{
"date": "2021-01-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202101-2044"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2021-03-23T00:00:00",
"db": "CNVD",
"id": "CNVD-2021-20282"
},
{
"date": "2023-02-02T00:00:00",
"db": "VULMON",
"id": "CVE-2020-35576"
},
{
"date": "2021-01-25T06:06:59",
"db": "JVNDB",
"id": "JVNDB-2021-001010"
},
{
"date": "2023-02-02T19:58:07.720000",
"db": "NVD",
"id": "CVE-2020-35576"
},
{
"date": "2022-12-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-202101-2044"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202101-2044"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OS command injection vulnerability in TP-Link TL-WR841N V13 (JP)",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2021-001010"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "operating system command injection",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-202101-2044"
}
],
"trust": 0.6
}
}