Security in Context: The BeyondTrust Blog

Welcome to the Zeroday Tracker: Your Vulnerability Watchlist

Get critical updates on the latest zeroday threats, including impact, mitigation and protection information - only from BeyondTrust.

TP-Link TD-W8951ND Cross Site Request Forgery / Cross Site Scripting

Disclosed August 30, 2013    Zeroday : 730 days

Vulnerability Description:

TP-Link TD-W8951ND modem routers contain vulnerabilities that allow for cross-site scripting (XSS) and cross-site request forgery. These vulnerabilities allow attackers to execute scripts in the context of the target’s browser, and perform unauthenticated actions on the modem router such as resetting the administrator password.



Vulnerable Software/Devices:

TP-Link TD-W8951ND Firmware 4.0.0 Build 120607 Rel.30923 and possibly earlier versions

Vulnerability Severity:


Exploit Availability:

Publicly Available

Exploit Impact:

Cross-Site Request Forgery, Cross-Site Scripting
The TP-Link TD-W8951ND modem router contains both XSS and CSRF vulnerabilities. These allow attackers to run arbitrary scripts in the context of the user's browser via specially crafted URLs sent to a target, or allows for unauthenticated HTTP traffic to be processed by the modem router, respectively.

BeyondTrust Prevention and Detection:

BeyondTrust's Retina® Network Security Scanner scans devices to detect for this vulnerability.

  • 30385 - TP-Link TD-W8951ND Cross Site Request Forgery / Cross Site Scripting (20130830)


No mitigations currently available. V4 firmware has been discontinued, and a fixed version of V5 is due to be released.