CVE-2022-0162
published 2022-02-09CVE-2022-0162: The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router due to transmission of authentication information in…
PriorityP359critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.66%
46.9th percentile
The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router due to transmission of authentication information in cleartextbase64 format. Successful exploitation of this vulnerability could allow a remote attacker to intercept credentials and subsequently perform administrative operations on the affected device through web-based management interface.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| tp-link | tl-wr841n | — | — |
| tp-link | tl-wr841n_firmware | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
cisa4.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-g9x3-h7c3-fr29: The vulnerability exists in TP-Link TL-WR841N V11 3
ghsa_unreviewed·2022-02-11
CVE-2022-0162 [CRITICAL] CWE-319 GHSA-g9x3-h7c3-fr29: The vulnerability exists in TP-Link TL-WR841N V11 3
The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325 Rel.62500n wireless router due to transmission of authentication information in cleartextbase64 format. Successful exploitation of this vulnerability could allow a remote attacker to intercept credentials and subsequently perform administrative operations on the affected device through web-based management interface.
CISA
Microsoft Internet Explorer Information Disclosure Vulnerability
cisa·2022-05-24·CVSS 4.3
CVE-2016-0162 [MEDIUM] CWE-200 Microsoft Internet Explorer Information Disclosure Vulnerability
Vulnerability: Microsoft Internet Explorer Information Disclosure Vulnerability
Affected: Microsoft Internet Explorer
An information disclosure vulnerability exists when Internet Explorer does not properly handle JavaScript. The vulnerability could allow an attacker to detect specific files on the user's computer.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2016-0162
Remediation Due Date: 2022-06-14
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-02-09
Published