Vulnerability Details CVE-2017-9466
The executable httpd on the TP-Link WR841N V8 router before TL-WR841N(UN)_V8_170210 contained a design flaw in the use of DES for block encryption. This resulted in incorrect access control, which allowed attackers to gain read-write access to system settings through the protected router configuration service tddp via the LAN and Ath0 (Wi-Fi) interfaces.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.3%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2017-9466
-
cpe:2.3:h:tp-link:wr841n_v8:-
-
cpe:2.3:o:tp-link:wr841n_v8_firmware:tl-wr841n_v8_140724