Associated Vulnerability
Title:多款 Tp-Link 路由器产品信息泄露漏洞 (CVE-2020-35575)Description:A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. This affects WA901ND devices before 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices.
Description
password-disclosure issue in the web interface on certain TP-Link devices
Readme
# CVE-2020-35575-password-disclosure-issue-in-the-web-interface
A password-disclosure issue in the web interface on certain TP-Link devices allows a remote malicious user to get full administrative access to the web panel. This affects WA901ND devices prior to 3.16.9(201211) beta, and Archer C5, Archer C7, MR3420, MR6400, WA701ND, WA801ND, WDR3500, WDR3600, WE843N, WR1043ND, WR1045ND, WR740N, WR741ND, WR749N, WR802N, WR840N, WR841HP, WR841N, WR842N, WR842ND, WR845N, WR940N, WR941HP, WR945N, WR949N, and WRD4300 devices.
The script weaponizes the attack. Do not use it to harm.
File Snapshot
[4.0K] /data/pocs/cf0fec7e00232b0b4382cd91bbfae73843a207c1
├── [2.8K] CVE-2020-35575.py
└── [ 584] README.md
0 directories, 2 files
Remarks
1. It is advised to access via the original source first.
2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →