Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
This vulnerability allows remote attackers to bypass authentication on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SSH port forwarding requests during initial setup. The issue results from the lack of proper authentication prior to establishing SSH port forwarding rules. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the WAN interface. Was ZDI-CAN-9664.
CVSS Information
N/A
Vulnerability Type
认证机制不恰当
Vulnerability Title
TP-Link Archer A7 AC1750 授权问题漏洞
Vulnerability Description
TP-Link Archer A7 AC1750是中国普联(TP-Link)公司的一款无线路由器。 使用190726 AC1750版本固件的TP-Link Archer A7中存在授权问题漏洞,该漏洞源于在建立SSH端口转发规则之前,缺少正确的身份验证。攻击者可利用该漏洞绕过身份验证,访问被保护的资源。
CVSS Information
N/A
Vulnerability Type
N/A