漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Predictable Default Cryptographic Key Used for DES Encryption in TP-Link TL-WL841N
Vulnerability Description
TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized access to the protocol, read debug data, modify certain device configuration values, and trigger device reboot, resulting in loss of integrity and a denial-of-service condition.
CVSS Information
N/A
Vulnerability Type
CWE-1394
Vulnerability Title
TP-Link TL-WR841N 安全漏洞
Vulnerability Description
TP-Link TL-WR841N是中国普联(TP-Link)公司的一款路由器。 TP-Link TL-WR841N v13版本存在安全漏洞,该漏洞源于TDDPv2调试协议使用DES-CBC加密且密钥可预测,可能导致网络邻近攻击者未经授权访问协议、读取调试数据、修改设备配置并触发重启。
CVSS Information
N/A
Vulnerability Type
N/A