CVE-2017-15291

MEDIUM

TP-LINK TL-MR3220 Firmware - Stored Cross-Site Scripting via Wireless MAC Filtering Description Field

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-15291. PoCs published by Thiago Sena.

AI-analyzed exploit summary This is a writeup describing a stored XSS vulnerability in TP-LINK TL-MR3220. The PoC involves injecting a script into the 'Description' field of the 'Wireless MAC Filtering' tab, which executes when viewed.

Description

Cross-site scripting (XSS) vulnerability in the Wireless MAC Filtering page in TP-LINK TL-MR3220 wireless routers allows remote attackers to inject arbitrary web script or HTML via the Description field.

Exploits (1)

exploitdb WRITEUP

by Thiago Sena · textwebappshardware

https://www.exploit-db.com/exploits/43023

View Code ZIP pw:eip

This is a writeup describing a stored XSS vulnerability in TP-LINK TL-MR3220. The PoC involves injecting a script into the 'Description' field of the 'Wireless MAC Filtering' tab, which executes when viewed.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: TP-LINK TL-MR3220

Auth required

Prerequisites: access to the router's admin interface · authentication credentials

MITRE ATT&CK

T1059.007 - JavaScript

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Third Party Advisory x_refsource_misc

https://fireshellsecurity.team/assets/pdf/Router-TP-LINK-TL-MR3220-Vulnerability-XSS.pdf

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/43023/

Scores

CVSS v3 6.1

EPSS 0.0167

EPSS Percentile 73.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-79

Status published

Products (1)

tp-link/tl-mr3220_firmware

Published Oct 20, 2017

Tracked Since Feb 18, 2026