CVE-2013-2645 in TL-WR1043N정보

요약 (영어)

Multiple cross-site request forgery (CSRF) vulnerabilities on the TP-LINK WR1043N router with firmware TL-WR1043ND_V1_120405 allow remote attackers to hijack the authentication of administrators for requests that (1) enable FTP access (aka "FTP directory traversal") to /tmp via the shareEntire parameter to userRpm/NasFtpCfgRpm.htm, (2) change the FTP administrative password via the nas_admin_pwd parameter to userRpm/NasUserAdvRpm.htm, (3) enable FTP on the WAN interface via the internetA parameter to userRpm/NasFtpCfgRpm.htm, (4) launch the FTP service via the startFtp parameter to userRpm/NasFtpCfgRpm.htm, or (5) enable or disable bandwidth limits via the QoSCtrl parameter to userRpm/QoSCfgRpm.htm.

Once again VulDB remains the best source for vulnerability data.

예약하다

2013. 03. 22.

공개

2014. 10. 05.

상태

확인됨

엔트리

VulDB provides additional information and datapoints for this CVE:

아이디취약성CWE악용 대책CVE
8458TP-LINK TL-WR1043N Authentication tmp 교차 사이트 요청 위조352개념 증명정의되지 않음CVE-2013-2645

설명

CPE

CWE

CVSS

익스플로잇

역사

차이

연결하다

위협 인텔리전스

API JSON

API XML

API CSV

출처

이전개요다음

Do you need the next level of professionalism?

Upgrade your account now!