Vulnerabilities > CVE-2019-6971 - Unspecified vulnerability in Tp-Link Tl-Wr1043Nd Firmware 2.0

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
tp-link
critical
NVD
Published: 2019-06-19
Updated: 2020-08-24

Summary

An issue was discovered on TP-Link TL-WR1043ND V2 devices. An attacker can send a cookie in an HTTP authentication packet to the router management web interface, and fully control the router without knowledge of the credentials.

Vulnerable Configurations

Part Description Count
OS
Tp-Link
1
Hardware
Tp-Link
1

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/154787/tplinktlwr1043nd2-bypass.txt
idPACKETSTORM:154787
last seen2019-10-10
published2019-10-10
reporterUriel Kosayev
sourcehttps://packetstormsecurity.com/files/154787/TP-Link-TL-WR1043ND-2-Authentication-Bypass.html
titleTP-Link TL-WR1043ND 2 Authentication Bypass

References