TP-LINK TL-SC3171 prior LM.1.6.18P12_sign6) Access Control access control
CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
---|---|---|
6.7 | $0-$5k | 0.00 |
A vulnerability was found in TP-LINK TL-SC3171 (Router Operating System). It has been classified as critical. Affected is an unknown functionality of the component Access Control Handler. The manipulation with an unknown input leads to a access control vulnerability. CWE is classifying the issue as CWE-264. This is going to have an impact on availability. CVE summarizes:
The TP-Link IP Cameras TL-SC3171, TL-SC3130, TL-SC3130G, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12_sign6, does not properly restrict access to certain administrative functions, which allows remote attackers to (1) cause a denial of service (device reboot) via a request to cgi-bin/reboot or (2) cause a denial of service (reboot and reset to factory defaults) via a request to cgi-bin/hardfactorydefault.
The weakness was published 06/12/2013 by Eliezer Varadé Lopez, Javier Repiso Sánchez and Jonás Ropero Castillo as not defined mailinglist post (Full-Disclosure). The advisory is available at seclists.org. The vendor was not involved in the coordination of the public release. This vulnerability is traded as CVE-2013-3688 since 05/29/2013. It is possible to launch the attack remotely. The exploitation doesn't require any form of authentication. Technical details are unknown but a public exploit is available. This vulnerability is assigned to T1068 by the MITRE ATT&CK project.
After immediately, there has been an exploit disclosed. The exploit is shared for download at seclists.org. It is declared as proof-of-concept.
Upgrading to version LM.1.6.18P12_sign6) eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at tp-link.us. The best possible mitigation is suggested to be patching the affected component. A possible mitigation has been published 2 months after the disclosure of the vulnerability.
Similar entries are available at 9148, 9149, 65264 and 65263.
Product
Type
Vendor
Name
License
CPE 2.3
CPE 2.2
CVSSv4
VulDB CVSS-B Score: 🔍VulDB CVSS-BT Score: 🔍
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 7.5VulDB Meta Temp Score: 6.7
VulDB Base Score: 7.5
VulDB Temp Score: 6.7
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
AV | AC | Au | C | I | A |
---|---|---|---|---|---|
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
---|---|---|---|---|---|
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
unlock | unlock | unlock | unlock | unlock | unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Access controlCWE: CWE-264
ATT&CK: T1068
Local: No
Remote: Yes
Availability: 🔍
Access: Public
Status: Proof-of-Concept
Download: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
0-Day | unlock | unlock | unlock | unlock |
---|---|---|---|---|
Today | unlock | unlock | unlock | unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: PatchStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Exploit Delay Time: 🔍
Upgrade: TL-SC3171 LM.1.6.18P12_sign6)
Patch: tp-link.us
Timeline
05/29/2013 🔍06/12/2013 🔍
06/12/2013 🔍
06/14/2013 🔍
06/14/2013 🔍
08/06/2013 🔍
10/01/2013 🔍
Sources
Vendor: tp-link.comAdvisory: seclists.org
Researcher: Eliezer Varadé Lopez, Javier Repiso Sánchez, Jonás Ropero Castillo
Status: Not defined
CVE: CVE-2013-3688 (🔍)
OSVDB: 94227
scip Labs: https://www.scip.ch/en/?labs.20161013
See also: 🔍
Entry
Created: 06/14/2013 13:39Changes: 06/14/2013 13:39 (62)
Complete: 🔍
Committer:
No comments yet. Languages: en.
Please log in to comment.