CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-3035

Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before 150304, and C8 (1.0) with firmware before 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware before 150302, TL-WR740N (5.0) and TL-WR741ND (5.0) with firmware before 150312, and TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), and TL-WR841ND (10.0) with firmware before 150310 allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.935

EPSS Ranking 99.8%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 7.8

Proposed Action

Directory traversal vulnerability in multiple TP-Link Archer devices allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.

Ransomware Campaign

Unknown

References

Products affected by CVE-2015-3035

Tp-Link » Archer C5 (1.2) » Version: N/A

cpe:2.3:h:tp-link:archer_c5_(1.2):-
Tp-Link » Archer C7 (2.0) » Version: N/A

cpe:2.3:h:tp-link:archer_c7_(2.0):-
Tp-Link » Archer C8 (1.0) » Version: N/A

cpe:2.3:h:tp-link:archer_c8_(1.0):-
Tp-Link » Archer C9 (1.0) » Version: N/A

cpe:2.3:h:tp-link:archer_c9_(1.0):-
Tp-Link » Tl-Wdr3500 (1.0) » Version: N/A

cpe:2.3:h:tp-link:tl-wdr3500_(1.0):-
Tp-Link » Tl-Wdr3600 (1.0) » Version: N/A

cpe:2.3:h:tp-link:tl-wdr3600_(1.0):-
Tp-Link » Tl-Wdr4300 (1.0) » Version: N/A

cpe:2.3:h:tp-link:tl-wdr4300_(1.0):-
Tp-Link » Tl-Wr740n (5.0) » Version: N/A

cpe:2.3:h:tp-link:tl-wr740n_(5.0):-
Tp-Link » Tl-Wr741nd (5.0) » Version: N/A

cpe:2.3:h:tp-link:tl-wr741nd_(5.0):-
Tp-Link » Tl-Wr841n (10.0) » Version: N/A

cpe:2.3:h:tp-link:tl-wr841n_(10.0):-
Tp-Link » Tl-Wr841n (9.0) » Version: N/A

cpe:2.3:h:tp-link:tl-wr841n_(9.0):-
Tp-Link » Tl-Wr841nd (10.0) » Version: N/A

cpe:2.3:h:tp-link:tl-wr841nd_(10.0):-
Tp-Link » Tl-Wr841nd (9.0) » Version: N/A

cpe:2.3:h:tp-link:tl-wr841nd_(9.0):-
Tp-Link » Archer C5 (1.2) Firmware » Version: 141126

cpe:2.3:o:tp-link:archer_c5_(1.2)_firmware:141126
Tp-Link » Archer C7 (2.0) Firmware » Version: 141110

cpe:2.3:o:tp-link:archer_c7_(2.0)_firmware:141110
Tp-Link » Archer C8 (1.0) Firmware » Version: 141023

cpe:2.3:o:tp-link:archer_c8_(1.0)_firmware:141023
Tp-Link » Archer C9 (1.0) Firmware » Version: 150122

cpe:2.3:o:tp-link:archer_c9_(1.0)_firmware:150122
Tp-Link » Tl-Wdr3500 (1.0) Firmware » Version: 141113

cpe:2.3:o:tp-link:tl-wdr3500_(1.0)_firmware:141113
Tp-Link » Tl-Wdr3600 (1.0) Firmware » Version: 141022

cpe:2.3:o:tp-link:tl-wdr3600_(1.0)_firmware:141022
Tp-Link » Tl-Wdr4300 (1.0) Firmware » Version: 141113

cpe:2.3:o:tp-link:tl-wdr4300_(1.0)_firmware:141113
Tp-Link » Tl-Wr740n (5.0) Firmware » Version: 141217

cpe:2.3:o:tp-link:tl-wr740n_(5.0)_firmware:141217
Tp-Link » Tl-Wr741nd (5.0) Firmware » Version: 141217

cpe:2.3:o:tp-link:tl-wr741nd_(5.0)_firmware:141217
Tp-Link » Tl-Wr841n (10.0) Firmware » Version: 150104

cpe:2.3:o:tp-link:tl-wr841n_(10.0)_firmware:150104
Tp-Link » Tl-Wr841n (9.0) Firmware » Version: 150104

cpe:2.3:o:tp-link:tl-wr841n_(9.0)_firmware:150104
Tp-Link » Tl-Wr841nd (10.0) Firmware » Version: 150104

cpe:2.3:o:tp-link:tl-wr841nd_(10.0)_firmware:150104
Tp-Link » Tl-Wr841nd (9.0) Firmware » Version: 150104

cpe:2.3:o:tp-link:tl-wr841nd_(9.0)_firmware:150104

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-3035

Products

Pricing

Contact Us