Security for everyone

CVE-2015-3035 Scanner

Detects 'Local File Inclusion (LFI)' vulnerability in various TP-LINK devices.

SCAN NOW

Short Info


Level

High

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Url

Parent Category

CVE-2015-3035 Scanner Detail

TP-LINK is a prominent brand in the field of networking products. The company offers a range of routers and modems that are widely popular among businesses and individuals alike. These devices are designed to provide high speed and reliable internet connectivity to their users. TP-LINK's Archer C5 (1.2), Archer C7 (2.0), Archer C8 (1.0), Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), TL-WDR4300 (1.0), TL-WR740N (5.0), TL-WR741ND (5.0), TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), and TL-WR841ND (10.0) are some of their popular offerings.

One of these devices, the TP-LINK Archer C5 (1.2), Archer C7 (2.0), Archer C8 (1.0), Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), TL-WDR4300 (1.0), TL-WR740N (5.0), TL-WR741ND (5.0), TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), and TL-WR841ND (10.0) has been found to have a severe vulnerability. This vulnerability is known as CVE-2015-3035 and is related to directory traversal. The vulnerability exists in the firmware of these devices before versions 150317, 150304, 150316, 150302, and 150312, respectively.

Exploiting this vulnerability, a remote attacker can potentially read arbitrary files on the device by adding a ".." (dot dot) to the end of the URL before the "login/" keyword. This can result in the attacker gaining access to sensitive information, such as login credentials. The attacker can also use this access to execute arbitrary code on the device, leading to further damage.

It is important to note that vulnerability scanning and management platforms like securityforeveryone.com provide comprehensive and easy-to-use solutions that can help businesses and individuals protect their digital assets from vulnerabilities such as CVE-2015-3035. With the help of such platforms, the users can quickly identify and mitigate vulnerabilities in their devices and networks, providing them with peace of mind and a strong foothold against cyber attacks.

 

REFERENCES

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture