CVE-2020-35575 in WA901NDinfo

Summary

by MITRE • 12/26/2020

A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Disclosure

12/26/2020

Moderation

accepted

Entry

VDB-166828

CPE

ready

CWE

CWE-200 (confirmed)

CVSS

4.3 (VulDB)

EPSS

0.18786

KEV

Activities

very low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2020-35575
NVD	https://nvd.nist.gov/vuln/detail/CVE-2020-35575
CVE Details	https://www.cvedetails.com/cve/CVE-2020-35575/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!