Multiple cross-site scripting (XSS) vulnerabilities in the TP-LINK TL-WR841N router with firmware 3.13.9 Build 120201 Rel.54965n and earlier allow remote administrators to inject arbitrary web script or HTML via the (1) username or (2) pwd parameter to userRpm/NoipDdnsRpm.htm.
Max CVSS
4.3
EPSS Score
0.10%
Published
2014-09-30
Updated
2014-10-01
Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via the URL parameter.
Max CVSS
4.3
EPSS Score
0.27%
Published
2013-01-26
Updated
2013-01-28
CVE-2012-5687
Public exploit
Directory traversal vulnerability in the web-based management feature on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to the help/ URI.
Max CVSS
7.8
EPSS Score
2.95%
Published
2012-11-01
Updated
2017-08-29
3 vulnerabilities found