Details of VAR-201811-0378

ID

VAR-201811-0378

CVE

CVE-2018-19537

TITLE

TP-Link Archer C5 Device unrestricted upload vulnerability type file vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2018-012816

DESCRIPTION

TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The default password of admin may be used in some cases. TP-Link Archer C5 The device contains a vulnerability related to unlimited uploads of dangerous types of files.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. TP-LINKArcherC5 is a wireless router product from China TP-LINK. A security vulnerability exists in TP-LinkArcherC5V2_160201_US and earlier. An attacker could exploit the vulnerability with the \342\200\230wan_dyn_hostname\342\200\231 parameter of the configuration file to execute the command

Trust: 2.25

sources: NVD: CVE-2018-19537 // JVNDB: JVNDB-2018-012816 // CNVD: CNVD-2019-00237 // VULMON: CVE-2018-19537

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2019-00237

AFFECTED PRODUCTS

vendor:	tp link	model:	archer c5	scope:	lte	version:	2_160201_us	Trust: 1.0
vendor:	tp link	model:	archer c5	scope:	lte	version:	v2_160201_us	Trust: 0.8
vendor:	tp link	model:	archer c5 <=v2 160201 us	scope:	-	version:	-	Trust: 0.6
vendor:	tp link	model:	archer c5	scope:	eq	version:	2_160201_us	Trust: 0.6

sources: CNVD: CNVD-2019-00237 // JVNDB: JVNDB-2018-012816 // CNNVD: CNNVD-201811-682 // NVD: CVE-2018-19537

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-19537
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-19537
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2019-00237
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201811-682
value:	CRITICAL
Trust: 0.6
VULMON:	CVE-2018-19537
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2018-19537
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
CNVD:	CNVD-2019-00237
severity:	HIGH
baseScore:	9.0
vectorString:	AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	SINGLE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.0
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2018-19537
baseSeverity:	HIGH
baseScore:	7.2
vectorString:	CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.2
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2019-00237 // VULMON: CVE-2018-19537 // JVNDB: JVNDB-2018-012816 // CNNVD: CNNVD-201811-682 // NVD: CVE-2018-19537

PROBLEMTYPE DATA

problemtype:

CWE-434

Trust: 1.8

sources: JVNDB: JVNDB-2018-012816 // NVD: CVE-2018-19537

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201811-682

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201811-682

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-012816

PATCH

title:	Archer C5	url:	https://www.tp-link.com/en/products/details/cat-9_Archer-C5.html	Trust: 0.8
title:	TP-Link-ArcherC5-RCE	url:	https://github.com/JackDoan/TP-Link-ArcherC5-RCE	Trust: 0.1
title:	CVE-POC	url:	https://github.com/0xT11/CVE-POC	Trust: 0.1
title:	PoC-in-GitHub	url:	https://github.com/nomi-sec/PoC-in-GitHub	Trust: 0.1

sources: VULMON: CVE-2018-19537 // JVNDB: JVNDB-2018-012816

EXTERNAL IDS

db:	NVD	id:	CVE-2018-19537	Trust: 3.1
db:	JVNDB	id:	JVNDB-2018-012816	Trust: 0.8
db:	CNVD	id:	CNVD-2019-00237	Trust: 0.6
db:	CNNVD	id:	CNNVD-201811-682	Trust: 0.6
db:	VULMON	id:	CVE-2018-19537	Trust: 0.1

sources: CNVD: CNVD-2019-00237 // VULMON: CVE-2018-19537 // JVNDB: JVNDB-2018-012816 // CNNVD: CNNVD-201811-682 // NVD: CVE-2018-19537

REFERENCES

url:	https://github.com/jackdoan/tp-link-archerc5-rce	Trust: 2.6
url:	https://nvd.nist.gov/vuln/detail/cve-2018-19537	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-19537	Trust: 0.8
url:	https://cwe.mitre.org/data/definitions/434.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2019-00237 // VULMON: CVE-2018-19537 // JVNDB: JVNDB-2018-012816 // CNNVD: CNNVD-201811-682 // NVD: CVE-2018-19537

SOURCES

db:	CNVD	id:	CNVD-2019-00237
db:	VULMON	id:	CVE-2018-19537
db:	JVNDB	id:	JVNDB-2018-012816
db:	CNNVD	id:	CNNVD-201811-682
db:	NVD	id:	CVE-2018-19537

LAST UPDATE DATE

2024-11-23T22:41:39.266000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2019-00237	date:	2019-01-03T00:00:00
db:	VULMON	id:	CVE-2018-19537	date:	2018-12-28T00:00:00
db:	JVNDB	id:	JVNDB-2018-012816	date:	2019-02-07T00:00:00
db:	CNNVD	id:	CNNVD-201811-682	date:	2018-11-26T00:00:00
db:	NVD	id:	CVE-2018-19537	date:	2024-11-21T03:58:07.083

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2019-00237	date:	2019-01-03T00:00:00
db:	VULMON	id:	CVE-2018-19537	date:	2018-11-26T00:00:00
db:	JVNDB	id:	JVNDB-2018-012816	date:	2019-02-07T00:00:00
db:	CNNVD	id:	CNNVD-201811-682	date:	2018-11-26T00:00:00
db:	NVD	id:	CVE-2018-19537	date:	2018-11-26T03:29:00.253