Описание
UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180125 firmware allows an unauthenticated actor, with physical access and network access, to read sensitive files and write to a limited set of files after plugging a crafted USB drive into the router.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:tp-link:archer_c9_firmware:180125:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:archer_c9:v1:*:*:*:*:*:*:*
EPSS
Процентиль: 42%
0.00199
Низкий
6.1 Medium
CVSS3
3.6 Low
CVSS2
Дефекты
CWE-59
Связанные уязвимости
github
больше 3 лет назад
UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180125 firmware allows an unauthenticated actor, with physical access and network access, to read sensitive files and write to a limited set of files after plugging a crafted USB drive into the router.
EPSS
Процентиль: 42%
0.00199
Низкий
6.1 Medium
CVSS3
3.6 Low
CVSS2
Дефекты
CWE-59