CVE-2023-50224
moderate-risk
Published 2024-05-03
TP-Link TL-WR841N dropbearpwd Improper Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of TP-Link TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from improper authentication. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. . Was ZDI-CAN-19899.
Do I need to act?
~
1.5% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.5/10
Medium
ADJACENT_NETWORK
/ LOW complexity
Affected Products (1)
Affected Vendors
References (5)
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-23-1808/
Third Party Advisory
https://www.zerodayinitiative.com/advisories/ZDI-23-1808/
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-...
37
/ 100
moderate-risk
Severity
21/34 · High
Exploitability
11/34 · Low
Exposure
5/34 · Minimal