cbcvebase.
CVE-2013-2580
published 2013-10-11

CVE-2013-2580: Unrestricted file upload vulnerability in cgi-bin/uploadfile in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models…

PriorityP348high7.1CVSS 2.0
AVNACMAuNCNICAN
EXPLOIT
EPSS
3.54%
87.8th percentile
Unrestricted file upload vulnerability in cgi-bin/uploadfile in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and possibly other models before beta firmware LM.1.6.18P12_sign6, allows remote attackers to upload arbitrary files, then accessing it via a direct request to the file in the mnt/mtd directory.

Affected

1 ranges
VendorProductVersion rangeFixed in
tp-linklm_firmware<= 1.6.18p12_sign5
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.