Associated Vulnerability
Title:多款 Tp-Link 路由器产品信息泄露漏洞 (CVE-2020-35575)Description:Tp-link TP-Link TL-WR940N等都是中国普联(Tp-link)公司的产品。TP-Link TL-WR940N是一款无线路由器。TP-Link WR1043nd是一款无线路由器。TP-Link TL-WR841N是一款无线路由器。TP-Link TL-WR740N是一款无线路由器。Tp-Link MR3420等都是中国普联(Tp-Link)公司的产品。Tp-Link MR3420是一款无线路由器。Tp-Link MR6400是一款无线路由器。Tp-Link WA701ND是一款无线路由器
Description
password-disclosure issue in the web interface on certain TP-Link devices
Readme
# CVE-2020-35575-password-disclosure-issue-in-the-web-interface
A password-disclosure issue in the web interface on certain TP-Link devices allows a remote malicious user to get full administrative access to the web panel. This affects WA901ND devices prior to 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices.
The script weaponizes the attack. Do not use it to harm.
File Snapshot
[4.0K] /data/pocs/cf0fec7e00232b0b4382cd91bbfae73843a207c1
├── [2.8K] CVE-2020-35575.py
└── [ 584] README.md
0 directories, 2 files
Remarks
1. It is advised to access via the original source first.
2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.