TP-LINK Omada Controller Software 3.2.6 eap-web-3.2.6.jar path traversal

EntryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical was found in TP-LINK Omada Controller Software 3.2.6. This vulnerability affects some unknown processing of the file /opt/tplink/EAPController/lib/eap-web-3.2.6.jar. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1005854505/05/2020VulD...cve_nvd_summaryTP-Link Omada Controller Software 3.2.6 allows Directory Traversal for reading arbitrary files via com.tp_link.eap.web.portal.PortalController.getAdvertiseFile in /opt/tplink/EAPController/lib/eap-web-3.2.6.jar.mitre.org05/05/2020accepted100
1005854405/05/2020VulD...cve_assigned1588118400mitre.org05/05/2020accepted100
1005854005/05/2020VulD...cvss3_nvd_aNnist.gov05/05/2020accepted100
1005853905/05/2020VulD...cvss3_nvd_iNnist.gov05/05/2020accepted100
1005853805/05/2020VulD...cvss3_nvd_cHnist.gov05/05/2020accepted100
1005853705/05/2020VulD...cvss3_nvd_sUnist.gov05/05/2020accepted100
1005853605/05/2020VulD...cvss3_nvd_uiNnist.gov05/05/2020accepted100
1005853505/05/2020VulD...cvss3_nvd_prLnist.gov05/05/2020accepted100
1005853405/05/2020VulD...cvss3_nvd_acLnist.gov05/05/2020accepted100
1005853305/05/2020VulD...cvss3_nvd_avLnist.gov05/05/2020accepted100
1005852005/05/2020VulD...cvss2_nvd_aiNnist.gov05/05/2020accepted100
1005851905/05/2020VulD...cvss2_nvd_iiNnist.gov05/05/2020accepted100
1005851805/05/2020VulD...cvss2_nvd_ciPnist.gov05/05/2020accepted100
1005851705/05/2020VulD...cvss2_nvd_auNnist.gov05/05/2020accepted100
1005851605/05/2020VulD...cvss2_nvd_acLnist.gov05/05/2020accepted100
1005851505/05/2020VulD...cvss2_nvd_avLnist.gov05/05/2020accepted100
1005850505/05/2020VulD...cwe22 (directory traversal)05/05/2020accepted100
1005855205/05/2020VulD...cvss3_nvd_basescore5.5nist.gov05/05/2020accepted90
1005855105/05/2020VulD...cvss3_vuldb_rcX05/05/2020accepted90
1005855005/05/2020VulD...cvss3_vuldb_rlX05/05/2020accepted90

Might our Artificial Intelligence support you?

Check our Alexa App!