CVE-2024-46340

Опубликовано: 10 дек. 2024

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

TL-WR845N(UN)_V4_201214, TP-Link TL-WR845N(UN)_V4_200909, and TL-WR845N(UN)_V4_190219 was discovered to transmit user credentials in plaintext after executing a factory reset.

Ссылки

https://security.iiita.ac.in/iot/factory-reset.docx
Third Party Advisory
https://security.iiita.ac.in/iot/factory-reset.docx
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:tp-link:tl-wr845n_firmware:201214:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:tl-wr845n:v4:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:tp-link:tl-wr845n_firmware:200909:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:tl-wr845n:v4:*:*:*:*:*:*:*

Конфигурация 3

Одновременно

cpe:2.3:o:tp-link:tl-wr845n_firmware:190219:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:tl-wr845n:v4:*:*:*:*:*:*:*

EPSS

Процентиль: 35%

0.00146

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-312

Связанные уязвимости

GHSA-v8rw-4jh7-4cx9

CVSS3: 8.8

github

около 1 года назад

TP-Link TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to transmit user credentials in plaintext after executing a factory reset.

EPSS

Процентиль: 35%

0.00146

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-312