CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.

Remediation Deadline: Apr 15, 2022

CVE-2015-3035

High

EPSS 92.9%CISA KEV

TP-Link/Multiple Archer Devices

Description

Directory traversal vulnerability in multiple TP-Link Archer devices allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.

EPSS — Exploit Probability

92.9%

Higher than 99.8% of all CVEs

Required Action

https://nvd.nist.gov/vuln/detail/CVE-2015-3035

CVE-2015-3035

Description

EPSS — Exploit Probability

Required Action

Related Articles (1)

TP-Link warns users to patch critical router auth bypass flaw

Risk Assessment

Details

Timeline

Affected Product

External Links