Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
TP-Link TL-WR902AC loginFs Improper Authentication Information Disclosure Vulnerability
Vulnerability Description
TP-Link TL-WR902AC loginFs Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR902AC routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from improper authentication. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-21529.
CVSS Information
N/A
Vulnerability Type
使用欺骗进行的认证绕过
Vulnerability Title
TP-LINK TL-WR902AC 安全漏洞
Vulnerability Description
TP-LINK TL-WR902AC是中国普联(TP-LINK)公司的一款 Ac750 旅行路由器。 TP-LINK TL-WR902AC存在安全漏洞,该漏洞源于httpd 服务中存在特定缺陷,允许网络相邻攻击者在受影响的路由器上获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A