Showing 1 - 1 of 1

CVE-2021-3275

Status Candidate

Overview

Unauthenticated stored cross-site scripting (XSS) exists in multiple TP-Link products including WIFI Routers (Wireless AC routers), Access Points, ADSL + DSL Gateways and Routers, which affects TD-W9977v1, TL-WA801NDv5, TL-WA801Nv6, TL-WA802Nv5, and Archer C3150v2 devices through the improper validation of the hostname. Some of the pages including dhcp.htm, networkMap.htm, dhcpClient.htm, qsEdit.htm, and qsReview.htm and use this vulnerable hostname function (setDefaultHostname()) without sanitization.

Related Files

TP-Link Cross Site Scripting: Posted Mar 26, 2021; Authored by Kaustubh G. Padwad, Smriti Gaba; Multiple TP-Link devices suffer from an unauthenticated persistent cross site scripting vulnerability. Affected models include TD-W9977, TL-WA801ND, TL-WA801N, TL-WR802N, and Archer-C3150.; tags | exploit, xss; advisories | CVE-2021-3275; SHA-256 | e35e1937104dc66eacb185dee5eb8adeeab2b99d9f05fd8364987d6dd5a729bd; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 384 files
Ubuntu 91 files
Debian 30 files
BugsBD Limited 21 files
Rahad Chowdhury 21 files
Gentoo 18 files
tmrswrr 12 files
Google Security Research 5 files
Ph0s 5 files
R0ckE7 5 files

File Archives

Systems

AIX (429)
Apple (2,037)
BSD (375)
CentOS (57)
Cisco (1,926)
Debian (6,914)
Fedora (1,692)
FreeBSD (1,246)
Gentoo (4,379)
HPUX (880)
iOS (363)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (47,844)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (486)
RedHat (14,619)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,136)
UNIX (9,340)
UnixWare (187)
Windows (6,606)
Other

CVE-2021-3275

Overview

Related Files

File Archive:

December 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems