关联漏洞
标题:
TP-Link TL-WR840N和TL-WR841N 安全漏洞
(CVE-2018-11714)
描述:TP-Link TL-WR840N和TL-WR841N都是中国普联(TP-LINK)公司的无线路由器产品。 TP-Link TL-WR840N和TL-WR841N中存在安全漏洞,该漏洞源于程序没有正确的处理会话。攻击者可利用该漏洞执行任意操作。以下产品和版本受到影响:TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n版本;TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Buil
描述
An issue was discovered on TP-Link TL-WR840N. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of "Referer: http://192.168.0.1/mainFrame.htm" then no authentication is required for any action.
介绍
# cve-2018-11714_POC
An issue was discovered on TP-Link TL-WR840N. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of "Referer: http://192.168.0.1/mainFrame.htm" then no authentication is required for any action.
artigo [pt-br]: https://nous.sidneypepo.com/router2025.html
文件快照
[4.0K] /data/pocs/242e522b44224c083a31ae090137ca49b4885501
├── [ 926] poc.py
└── [ 343] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。