{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-14T19:14:50.498","vulnerabilities":[{"cve":{"id":"CVE-2015-3035","sourceIdentifier":"cve@mitre.org","published":"2015-04-22T01:59:02.553","lastModified":"2025-10-22T00:15:42.857","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Directory traversal vulnerability in TP-LINK Archer C5 (1.2) with firmware before 150317, C7 (2.0) with firmware before 150304, and C8 (1.0) with firmware before 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), and TL-WDR4300 (1.0) with firmware before 150302, TL-WR740N (5.0) and TL-WR741ND (5.0) with firmware before 150312, and TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), and TL-WR841ND (10.0) with firmware before 150310 allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login\/."},{"lang":"es","value":"Vulnerabilidad de salto de directorio en TP-LINK Archer C5 (1.2) con firmware anterior a 150317, C7 (2.0) con firmware anterior a 150304, y C8 (1.0) con firmware anterior a 150316, Archer C9 (1.0), TL-WDR3500 (1.0), TL-WDR3600 (1.0), y TL-WDR4300 (1.0) con firmware anterior a 150302, TL-WR740N (5.0) y TL-WR741ND (5.0) con firmware anterior a 150312, y TL-WR841N (9.0), TL-WR841N (10.0), TL-WR841ND (9.0), y TL-WR841ND (10.0) con firmware anterior a 150310 permite a atacantes remotos leer ficheros arbitrarios a través de un .. (punto punto) en PATH_INFO en login\/."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:H\/I:N\/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N\/AC:L\/Au:N\/C:C\/I:N\/A:N","baseScore":7.8,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"HIGH","exploitabilityScore":10.0,"impactScore":6.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"cisaExploitAdd":"2022-03-25","cisaActionDue":"2022-04-15","cisaRequiredAction":"Apply updates per vendor instructions.","cisaVulnerabilityName":"TP-Link Multiple Archer Devices Directory Traversal Vulnerability","weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wr841n_\\(9.0\\)_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"06BFF5EB-63BD-489A-B108-12687B77A8F5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wr841n_\\(9.0\\):-:*:*:*:*:*:*:*","matchCriteriaId":"E80F84F8-528F-42C5-B19A-7D7428423C45"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wr740n_\\(5.0\\)_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"141217","matchCriteriaId":"2CABC3A7-A089-4E79-BA39-39A76CE130DD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wr740n_\\(5.0\\):-:*:*:*:*:*:*:*","matchCriteriaId":"22721213-F1C6-4C2F-A64F-8792F093AE44"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:archer_c5_\\(1.2\\)_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"141126","matchCriteriaId":"536D12F8-5DAC-49E4-ADC4-EFD8DF978663"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:archer_c5_\\(1.2\\):-:*:*:*:*:*:*:*","matchCriteriaId":"1454B6DF-BC57-48B3-B2D5-D88F3E686A27"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wr841n_\\(10.0\\)_firmware:*:*:*:*:*:*:*:*","matchCriteriaId":"C092408D-3460-477A-B4D7-50BC3C266904"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wr841n_\\(10.0\\):-:*:*:*:*:*:*:*","matchCriteriaId":"50C5C74F-62BD-4F6F-ABAE-48412AD4F798"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wr741nd_\\(5.0\\)_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"141217","matchCriteriaId":"65A32D8A-9823-440B-91A7-48B7F9610253"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:h:tp-link:tl-wr741nd_\\(5.0\\):-:*:*:*:*:*:*:*","matchCriteriaId":"C448EFFF-A341-4D99-A9CD-CAFDB47C3B31"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wdr3600_\\(1.0\\)_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"141022","matchCriteriaId":"D7835D28-9EAD-4C2A-B9B9-9C3AF0683C97"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wdr3600_\\(1.0\\):-:*:*:*:*:*:*:*","matchCriteriaId":"84CF3BA4-86A7-4638-96D7-3D94D46C1704"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:archer_c7_\\(2.0\\)_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"141110","matchCriteriaId":"22CABB26-90EB-4C7D-BE8F-9974AF22626D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:archer_c7_\\(2.0\\):-:*:*:*:*:*:*:*","matchCriteriaId":"AB54C1EF-B59B-4A8D-B65C-06D50DAA73FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wr841nd_\\(10.0\\)_firmware:150104:*:*:*:*:*:*:*","matchCriteriaId":"0946FFBF-4A32-43CB-A363-52941C507DEF"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wr841nd_\\(10.0\\):-:*:*:*:*:*:*:*","matchCriteriaId":"BFFF1AD6-B74A-4CBD-8245-18AEC3076CCB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:archer_c9_\\(1.0\\)_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"150122","matchCriteriaId":"872B2B57-935A-4E1D-B240-BCE903490238"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:archer_c9_\\(1.0\\):-:*:*:*:*:*:*:*","matchCriteriaId":"D832A00C-353A-4E30-BF32-7EC0853D05F6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wr841nd_\\(9.0\\)_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"150104","matchCriteriaId":"20C4D86E-B7DB-4FBD-96A9-37B5E7A2F8FC"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wr841nd_\\(9.0\\):-:*:*:*:*:*:*:*","matchCriteriaId":"C43ECEF1-D76C-4ACE-B66E-964D491A8CB6"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:archer_c8_\\(1.0\\)_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"141023","matchCriteriaId":"A667C76A-0FD1-450F-B6BA-69FDBE265096"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:archer_c8_\\(1.0\\):-:*:*:*:*:*:*:*","matchCriteriaId":"876FA83F-9F6E-4026-9B6F-FE788D494BD7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wdr4300_\\(1.0\\)_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"141113","matchCriteriaId":"AB308D99-45F3-41EA-B67D-A61513A93EA3"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wdr4300_\\(1.0\\):-:*:*:*:*:*:*:*","matchCriteriaId":"4707BF62-9AC3-498D-8460-0A5C2CC6E3C7"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:tp-link:tl-wdr3500_\\(1.0\\)_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"141113","matchCriteriaId":"F706E3CA-469F-4275-913D-C09A9B6BF1BD"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:tp-link:tl-wdr3500_\\(1.0\\):-:*:*:*:*:*:*:*","matchCriteriaId":"40E8FBA4-E296-4E4B-8BF2-14B08E34EE59"}]}]}],"references":[{"url":"http:\/\/packetstormsecurity.com\/files\/131378\/TP-LINK-Local-File-Disclosure.html","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http:\/\/seclists.org\/fulldisclosure\/2015\/Apr\/26","source":"cve@mitre.org","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"http:\/\/www.securityfocus.com\/archive\/1\/535240\/100\/0\/threaded","source":"cve@mitre.org","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"http:\/\/www.securityfocus.com\/bid\/74050","source":"cve@mitre.org","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/Archer-C5_V1.20.html#Firmware","source":"cve@mitre.org","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/Archer-C7_V2.html#Firmware","source":"cve@mitre.org","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/Archer-C8_V1.html#Firmware","source":"cve@mitre.org","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/Archer-C9_V1.html#Firmware","source":"cve@mitre.org","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/TL-WDR3500_V1.html#Firmware","source":"cve@mitre.org","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/TL-WDR3600_V1.html#Firmware","source":"cve@mitre.org","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/TL-WDR4300_V1.html#Firmware","source":"cve@mitre.org","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/TL-WR740N_V5.html#Firmware","source":"cve@mitre.org","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/TL-WR741ND_V5.html#Firmware","source":"cve@mitre.org","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/TL-WR841ND_V9.html#Firmware","source":"cve@mitre.org","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/TL-WR841N_V9.html#Firmware","source":"cve@mitre.org","tags":["Product"]},{"url":"https:\/\/www.sec-consult.com\/fxdata\/seccons\/prod\/temedia\/advisories_txt\/20150410-0_TP-Link_Unauthenticated_local_file_disclosure_vulnerability_v10.txt","source":"cve@mitre.org","tags":["Exploit","Not Applicable"]},{"url":"http:\/\/packetstormsecurity.com\/files\/131378\/TP-LINK-Local-File-Disclosure.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http:\/\/seclists.org\/fulldisclosure\/2015\/Apr\/26","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Mailing List","Third Party Advisory"]},{"url":"http:\/\/www.securityfocus.com\/archive\/1\/535240\/100\/0\/threaded","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"http:\/\/www.securityfocus.com\/bid\/74050","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/Archer-C5_V1.20.html#Firmware","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/Archer-C7_V2.html#Firmware","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/Archer-C8_V1.html#Firmware","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/Archer-C9_V1.html#Firmware","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/TL-WDR3500_V1.html#Firmware","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/TL-WDR3600_V1.html#Firmware","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/TL-WDR4300_V1.html#Firmware","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/TL-WR740N_V5.html#Firmware","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/TL-WR741ND_V5.html#Firmware","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/TL-WR841ND_V9.html#Firmware","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"http:\/\/www.tp-link.com\/en\/download\/TL-WR841N_V9.html#Firmware","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Product"]},{"url":"https:\/\/www.sec-consult.com\/fxdata\/seccons\/prod\/temedia\/advisories_txt\/20150410-0_TP-Link_Unauthenticated_local_file_disclosure_vulnerability_v10.txt","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Not Applicable"]},{"url":"https:\/\/www.cisa.gov\/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-3035","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}}]}