CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-12195

TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name. The attacker must log into the router by breaking the password and going to the admin login page by THC-HYDRA to get the network name. With an XSS payload, the network name changed automatically and the internet connection was disconnected. All the users become disconnected from the internet.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.6%

CVSS Severity

CVSS v3 Score 4.8

CVSS v2 Score 3.5

References

http://packetstormsecurity.com/files/153027/TP-LINK-TL-WR840N-Cross-Site-Scripting.html
https://www.tp-link.com/us/security
http://packetstormsecurity.com/files/153027/TP-LINK-TL-WR840N-Cross-Site-Scripting.html
https://www.tp-link.com/us/security

Products affected by CVE-2019-12195

Tp-Link » Tl-Wr840n » Version: 5.0

cpe:2.3:h:tp-link:tl-wr840n:5.0
Tp-Link » Tl-Wr840n Firmware » Version: 0.9.1_3.16

cpe:2.3:o:tp-link:tl-wr840n_firmware:0.9.1_3.16

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-12195

Products

Pricing

Contact Us