CVE-2015-3035 - TP-Link Multiple Archer Devices Directory Traversal Vulnerability
Project:TP-Link
Product:Multiple Archer Devices
Date Added:2022-03-25Due Date:2022-04-15
Vulnerability Name
TP-Link Multiple Archer Devices Directory Traversal Vulnerability
Description
Directory traversal vulnerability in multiple TP-Link Archer devices allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2015-3035