CVE-2018-3949
- Reference to the description:
- Description:
- An exploitable information disclosure vulnerability exists in the HTTP server functionality of the TP-Link TL-R600VPN. A specially crafted URL can cause a directory traversal, resulting in the disclosure of sensitive system files. An attacker can send either an unauthenticated or an authenticated web request to trigger this vulnerability.
- Last updated date:
- 02/03/2023
Reports
ACTIVELY EXPLOITED
- Type:
- exploitation
- Confidence:
- HIGH
- Date of publishing:
- 11/11/2021
- Type:
- exploitation
- Confidence:
- HIGH
- Date of publishing:
- 12/31/2021
- Type:
- exploitation
- Confidence:
- HIGH
- Date of publishing:
- 06/09/2022
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 12/27/2018
- Reference url to background
https://talosintelligence.com/vulnerability_reports/TALOS-2018-0618