First published: Wed May 15 2019(Updated: )
TP-Link Archer CR-700 1.0.6 devices have an XSS vulnerability that can be introduced into the admin account through a DHCP request, allowing the attacker to steal the cookie information, which contains the base64 encoded username and password.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Tp-link Archer Cr700 Firmware | =1.0.6 | |
Tp-link Archer Cr700 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.