CVE-2012-6276

TP-LINK TL-WR841N Firmware 3.13.9 build 120201 Rel.54965n - Path Traversal via URL Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-6276. PoCs published by m-1-k-3.

AI-analyzed exploit summary This advisory details multiple vulnerabilities in TP-Link TL-WA701N/ND devices, including directory traversal, stored XSS, and weak password change mechanisms. It provides proof-of-concept requests but no executable exploit code.

Description

Directory traversal vulnerability in the web-based management interface on the TP-LINK TL-WR841N router with firmware 3.13.9 build 120201 Rel.54965n and earlier allows remote attackers to read arbitrary files via the URL parameter.

Exploits (1)

exploitdb WRITEUP

by m-1-k-3 · textwebappshardware

https://www.exploit-db.com/exploits/24504

View Code ZIP pw:eip

This advisory details multiple vulnerabilities in TP-Link TL-WA701N/ND devices, including directory traversal, stored XSS, and weak password change mechanisms. It provides proof-of-concept requests but no executable exploit code.

Classification

Writeup 100%

Attack Type

Info Leak | Xss | Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: TP-Link TL-WA701N / TL-WA701ND (Firmware 3.12.6 Build 110210 Rel.37112n, 3.12.16 Build 120228 Rel.37317n)

No auth needed

Prerequisites: Network access to the device · Knowledge of the device's IP address

MITRE ATT&CK

T1006 - Direct Volume Access T1059.007 - JavaScript T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/185100

Scores

EPSS 0.0354

EPSS Percentile 87.8%

Details

CWE

CWE-22

Status published

Products (2)

tp-link/tl-wr841n

tp-link/tl-wr841n_firmware 3.13.9

Published Jan 26, 2013

Tracked Since Feb 18, 2026