exploitDog

CVE-2024-46341

Опубликовано: 10 дек. 2024

Источник: nvd

CVSS3: 8

EPSS Низкий

Описание

TP-Link TL-WR845N(UN)_V4_190219 was discovered to transmit credentials in base64 encoded form, which can be easily decoded by an attacker executing a man-in-the-middle attack.

Ссылки

https://security.iiita.ac.in/iot/base64-authorization.docx
Third Party Advisory
https://security.iiita.ac.in/iot/base64-authorization.docx
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:tp-link:tl-wr845n_firmware:190219:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:tl-wr845n:v4:*:*:*:*:*:*:*

EPSS

Процентиль: 24%

0.00081

Низкий

8 High

CVSS3

Дефекты

CWE-522

Связанные уязвимости

GHSA-362j-p2h8-qq8p

CVSS3: 8

github

около 1 года назад

TP-Link TL-WR845N(UN)_V4_190219 was discovered to transmit credentials in base64 encoded form, which can be easily decoded by an attacker executing a man-in-the-middle attack.

EPSS

Процентиль: 24%

0.00081

Низкий

8 High

CVSS3

Дефекты

CWE-522