TP-Link Multiple Archer Devices Directory Traversal Vulnerability

NVD

Known Exploited Vulnerability

CVE-2015-3035, TP-Link Multiple Archer Devices Directory Traversal Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Directory traversal vulnerability in multiple TP-Link Archer devices allows remote attackers to read arbitrary files via a .. (dot dot) in the PATH_INFO to login/.

The following remediation steps are recommended / required by April 15, 2022: Apply updates per vendor instructions.