Vulnerability Note VU#185100

TP-LINK TL-WR841N wireless router local file inclusion vulnerability

Original Release date: 11 Jan 2013 | Last revised: 11 Jan 2013

Overview

The TP-LINK TL-WR841N wireless router contains a local file inclusion vulnerability which could allow an attacker to download critical configuration files off the device.

Description

CWE-829: Inclusion of Functionality from Untrusted Control Sphere

The TP-LINK TL-WR841N wireless router web-based management interface contains a local file inclusion (LFI) vulnerability. The URL parameter is not properly sanitized before being parsed. It has been reported that TP-LINK TL-WR841N wireless router running firmware version: 3.13.9 Build 120201 Rel.54965n and below are affected.

Impact

An attacker with access to the TP-LINK TL-WR841N web interface could download critical configuration files off the device.

Solution

We are currently unaware of a practical solution to this problem.

Restrict access

As a general good security practice, only allow connections from trusted hosts and networks. Note that restricting access does not prevent local file inclusion attacks since the attack comes as an HTTP request from a legitimate user's host. Restricting access would prevent an attacker from accessing the TP-LINK TL-WR841N web interface using stolen credentials from a blocked network location.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
TP-LinkAffected-07 Jan 2013
If you are a vendor and your product is affected, let us know.

CVSS Metrics (Learn More)

Group Score Vector
Base 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N
Temporal 3.1 E:U/RL:W/RC:UC
Environmental 0.9 CDP:L/TD:L/CR:ND/IR:ND/AR:ND

References

Credit

Thanks to Matan Azugi for reporting this vulnerability.

This document was written by Michael Orlando.

Other Information

  • CVE IDs: CVE-2012-6276
  • Date Public: 11 Jan 2013
  • Date First Published: 11 Jan 2013
  • Date Last Updated: 11 Jan 2013
  • Document Revision: 7

Feedback

If you have feedback, comments, or additional information about this vulnerability, please send us email.