0day.today - Biggest Exploit Database in the World.
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn
GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Contact us
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
TP-LINK TL-SC3171 Authentication Bypass Vulnerability
Author
Risk
[Security Risk High
]0day-ID
Category
Date add
CVE
Platform
1.Advisory Information Title: TP-LINK TL-SC3171 Vulnerability Date Published: 12/06/2013 Date of last updated: 12/06/2013 2.Vulnerability Description The next vulnerability has been found in this device: -CVE-2013-3688. Authentication Bypass Issues(CWE-592) and Execution with Unnecessary Privileges(CWE-250). 3.Affected Products -CVE-2013-3688. The following product are affected: TP-LINK TL-SC3171 It’s possible others models are affected but they were not checked. 4.PoC 4.1.Execute Remote Command bypassing authentication CVE-2013-3688, Execute Remote Command bypassing authentication. We have found that is possible to reboot this kind of devices remotely. The attack vector is the following one: _____________________________________________________________________________ http://xx.xx.xx.xx/cgi-bin/reboot http://xx.xx.xx.xx/cgi-bin/hardfactorydefault _____________________________________________________________________________ In the first one you will get blank page and you can’t re-login until the device is reboot. In the second one, you will get a victory message and of course, in the next login you should introduce factory settings. 5.Credits -CVE-2013-3688, was discovered by Eliezer Varadé Lopez, Javier Repiso Sánchez and Jonás Ropero Castillo. 6.Report Timeline -2013-05-31: Students team notifies the TP-Link Customer Support of the vulnerability. No reply received. -2013-06-03: Students asks for a reply. -2013-06-04: TP-Link answers saying Coresecurity reported this vulnerability before and this has been corrected in a new beta firmware version. -2013-06-04: Students answer to the vendor saying that this vulnerability is different from the Coresecurity vulnerabilities. -2013-06-05: TP-Link answers saying this vulnerability is the same as the vulnerability reported by Coresecurity. -2013-06-05: Students respond by explaining the details of the vulnerability and confirming that the vulnerability is different. -2013-06-06: TP-Link answer confirming that the vulnerability is fixed with the latest patch for the reported vulnerabilities generated by Coresecurity. The beta version is available on the website of TP-Link # 0day.today [2024-12-23] #