CVE-2013-2645 - Vulnerability Details - OpenCVE

Multiple cross-site request forgery (CSRF) vulnerabilities on the TP-LINK WR1043N router with firmware TL-WR1043ND_V1_120405 allow remote attackers to hijack the authentication of administrators for requests that (1) enable FTP access (aka "FTP directory traversal") to /tmp via the shareEntire parameter to userRpm/NasFtpCfgRpm.htm, (2) change the FTP administrative password via the nas_admin_pwd parameter to userRpm/NasUserAdvRpm.htm, (3) enable FTP on the WAN interface via the internetA parameter to userRpm/NasFtpCfgRpm.htm, (4) launch the FTP service via the startFtp parameter to userRpm/NasFtpCfgRpm.htm, or (5) enable or disable bandwidth limits via the QoSCtrl parameter to userRpm/QoSCfgRpm.htm.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Tp-link	Firmware

Configuration 1 [-]

cpe:2.3:o:tp-link:firmware:tl-wr1043nd_v1_120405:*:*:*:*:*:tp-link_wr1043n:*

No data.

References

Link	Providers
http://securityevaluators.com/knowledge/case_studies/routers/tp-link_wr1043n.php

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-10-06T01:00:00

Updated: 2024-08-06T15:44:32.619Z

Reserved: 2013-03-22T00:00:00

Link: CVE-2013-2645

Vulnrichment

No data.

NVD

Status : Modified

Published: 2014-10-06T01:55:07.727

Modified: 2024-11-21T01:52:06.733

Link: CVE-2013-2645

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-03-22T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple cross-site request forgery (CSRF) vulnerabilities on the TP-LINK WR1043N router with firmware TL-WR1043ND_V1_120405 allow remote attackers to hijack the authentication of administrators for requests that (1) enable FTP access (aka \"FTP directory traversal\") to /tmp via the shareEntire parameter to userRpm/NasFtpCfgRpm.htm, (2) change the FTP administrative password via the nas_admin_pwd parameter to userRpm/NasUserAdvRpm.htm, (3) enable FTP on the WAN interface via the internetA parameter to userRpm/NasFtpCfgRpm.htm, (4) launch the FTP service via the startFtp parameter to userRpm/NasFtpCfgRpm.htm, or (5) enable or disable bandwidth limits via the QoSCtrl parameter to userRpm/QoSCfgRpm.htm."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-10-06T00:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://securityevaluators.com/knowledge/case_studies/routers/tp-link_wr1043n.php"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-2645", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple cross-site request forgery (CSRF) vulnerabilities on the TP-LINK WR1043N router with firmware TL-WR1043ND_V1_120405 allow remote attackers to hijack the authentication of administrators for requests that (1) enable FTP access (aka \"FTP directory traversal\") to /tmp via the shareEntire parameter to userRpm/NasFtpCfgRpm.htm, (2) change the FTP administrative password via the nas_admin_pwd parameter to userRpm/NasUserAdvRpm.htm, (3) enable FTP on the WAN interface via the internetA parameter to userRpm/NasFtpCfgRpm.htm, (4) launch the FTP service via the startFtp parameter to userRpm/NasFtpCfgRpm.htm, or (5) enable or disable bandwidth limits via the QoSCtrl parameter to userRpm/QoSCfgRpm.htm."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://securityevaluators.com/knowledge/case_studies/routers/tp-link_wr1043n.php", "refsource": "MISC", "url": "http://securityevaluators.com/knowledge/case_studies/routers/tp-link_wr1043n.php"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T15:44:32.619Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://securityevaluators.com/knowledge/case_studies/routers/tp-link_wr1043n.php"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-2645", "datePublished": "2014-10-06T01:00:00", "dateReserved": "2013-03-22T00:00:00", "dateUpdated": "2024-08-06T15:44:32.619Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:tp-link:firmware:tl-wr1043nd_v1_120405:*:*:*:*:*:tp-link_wr1043n:*", "matchCriteriaId": "1631003F-8AB6-4ABA-9221-7E294DCDABA9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple cross-site request forgery (CSRF) vulnerabilities on the TP-LINK WR1043N router with firmware TL-WR1043ND_V1_120405 allow remote attackers to hijack the authentication of administrators for requests that (1) enable FTP access (aka \"FTP directory traversal\") to /tmp via the shareEntire parameter to userRpm/NasFtpCfgRpm.htm, (2) change the FTP administrative password via the nas_admin_pwd parameter to userRpm/NasUserAdvRpm.htm, (3) enable FTP on the WAN interface via the internetA parameter to userRpm/NasFtpCfgRpm.htm, (4) launch the FTP service via the startFtp parameter to userRpm/NasFtpCfgRpm.htm, or (5) enable or disable bandwidth limits via the QoSCtrl parameter to userRpm/QoSCfgRpm.htm."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de CSRF en el router TP-LINK WR1043N con firmware TL-WR1043ND_V1_120405 permiten a atacantes remotos secuestrar la autenticaci\u00f3n de administradores para solicitudes que (1) habilitan el acceso FTP (tambi\u00e9n conocido como 'salto de directorio de FTP') a /tmp a trav\u00e9s del par\u00e1metro shareEntire en userRpm/NasFtpCfgRpm.htm, (2) cambian la contrase\u00f1a de administraci\u00f3n FTP a trav\u00e9s del par\u00e1metro nas_admin_pwd en userRpm/NasUserAdvRpm.htm, (3) habilitan FTP en la interfaz WAN a trav\u00e9s del par\u00e1metro internetA en userRpm/NasFtpCfgRpm.htm, (4) lanzan el servicio FTP a trav\u00e9s del par\u00e1metro startFtp en userRpm/NasFtpCfgRpm.htm, o (5) habilitan o deshabilitan los l\u00edmites de la banda ancha a trav\u00e9s del par\u00e1metro QoSCtrl en userRpm/QoSCfgRpm.htm."}], "id": "CVE-2013-2645", "lastModified": "2024-11-21T01:52:06.733", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2014-10-06T01:55:07.727", "references": [{"source": "cve@mitre.org", "url": "http://securityevaluators.com/knowledge/case_studies/routers/tp-link_wr1043n.php"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityevaluators.com/knowledge/case_studies/routers/tp-link_wr1043n.php"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}]}