CVE-2015-3035 PoC — 多款TP-LINK产品路径遍历漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2015/CVE-2015-3035.yaml

Associated Vulnerability

Title:多款TP-LINK产品路径遍历漏洞 (CVE-2015-3035)
Description:TP-LINK Archer C5等都是中国普联（TP-LINK）公司的无线路由器产品。多款TP-LINK产品中存在目录遍历漏洞，该漏洞源于login/ URI没有充分过滤PATH_INFO值。远程攻击者可借助目录遍历字符‘..’利用该漏洞读取任意文件。以下产品及版本受到影响：使用150317之前版本固件的TP-LINK Archer C5（硬件版本：1.2版本），使用150304之前版本固件的C7（硬件版本：2.0版本），使用150316之前版本固件的C8（硬件版本：1.0版本），使用150302之前

Description

TP-LINK is susceptible to local file inclusion in these products: Archer C5 (1.2) with firmware before 150317, Archer C7 (2.0) with firmware before 150304, and C8 (1.0) with firmware before 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware before 150302, TL-WR740N (5.0) and TL-WR741ND (5.0) with firmware before 150312, and TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), and TL-WR841ND (10.0) with firmware before 150310.  Because of insufficient input validation, arbitrary local files can be disclosed. Files that include passwords and other sensitive information can be accessed.

File Snapshot


 id: CVE-2015-3035

info:
  name: TP-LINK - Local File Inclusion
  author: 0x_Akoko
  severity: high


...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!