Details of VAR-202312-0648

ID

VAR-202312-0648

CVE

CVE-2023-50224

TITLE

TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability

Trust: 0.7

sources: ZDI: ZDI-23-1808

DESCRIPTION

TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from improper authentication. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-19899

Trust: 1.62

sources: NVD: CVE-2023-50224 // ZDI: ZDI-23-1808 // VULMON: CVE-2023-50224

AFFECTED PRODUCTS

vendor:

tp link

model:

tl-wr841n

scope:

version:

Trust: 0.7

sources: ZDI: ZDI-23-1808

CVSS

SEVERITY

CVSSV2

CVSSV3

zdi-disclosures@trendmicro.com:	CVE-2023-50224
value:	MEDIUM
Trust: 1.0
ZDI:	CVE-2023-50224
value:	MEDIUM
Trust: 0.7

zdi-disclosures@trendmicro.com:	CVE-2023-50224
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.0
Trust: 1.0
ZDI:	CVE-2023-50224
baseSeverity:	MEDIUM
baseScore:	6.5
vectorString:	AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	2.8
impactScore:	3.6
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-23-1808 // NVD: CVE-2023-50224

PROBLEMTYPE DATA

problemtype:

CWE-290

Trust: 1.0

sources: NVD: CVE-2023-50224

PATCH

title:

TP-Link has issued an update to correct this vulnerability.#Firmware

url:

https://www.tp-link.com/en/support/download/tl-wr841n/v12/

Trust: 0.7

sources: ZDI: ZDI-23-1808

EXTERNAL IDS

db:	NVD	id:	CVE-2023-50224	Trust: 1.8
db:	ZDI	id:	ZDI-23-1808	Trust: 1.8
db:	ZDI_CAN	id:	ZDI-CAN-19899	Trust: 0.7
db:	VULMON	id:	CVE-2023-50224	Trust: 0.1

sources: ZDI: ZDI-23-1808 // VULMON: CVE-2023-50224 // NVD: CVE-2023-50224

REFERENCES

url:	https://www.zerodayinitiative.com/advisories/zdi-23-1808/	Trust: 1.1
url:	https://www.tp-link.com/en/support/download/tl-wr841n/v12/#firmware	Trust: 1.0
url:	https://www.tp-link.com/en/support/download/tl-wr841n/v12/	Trust: 0.7

sources: ZDI: ZDI-23-1808 // VULMON: CVE-2023-50224 // NVD: CVE-2023-50224

CREDITS

Aleksandar Djurdjevic 'revengsmK'

Trust: 0.7

sources: ZDI: ZDI-23-1808

SOURCES

db:	ZDI	id:	ZDI-23-1808
db:	VULMON	id:	CVE-2023-50224
db:	NVD	id:	CVE-2023-50224

LAST UPDATE DATE

2024-09-19T23:05:06.857000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-23-1808	date:	2023-12-19T00:00:00
db:	NVD	id:	CVE-2023-50224	date:	2024-09-18T19:15:38.687

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-23-1808	date:	2023-12-19T00:00:00
db:	NVD	id:	CVE-2023-50224	date:	2024-05-03T03:16:10.833