From 678d072e7aac17c2ba3951f030a175b4d37fc010 Mon Sep 17 00:00:00 2001
From: QW5kcmV3 <71553710+alwaysroot@users.noreply.github.com>
Date: Fri, 26 Feb 2021 00:06:53 +0300
Subject: [PATCH] Create README.md

---
 README.md | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100644 README.md

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..28e4635
--- /dev/null
+++ b/README.md
@@ -0,0 +1,15 @@
+TP-Link exploit gets conf.bin without authentication.
+
+If any attacker sends Referer Header with its request and sets Referer:
+http://192.168.0.1/mainFrame.htm  its no authentication required and an
+attacker can do router's action without authentication.
+below are some of few examples you can see. But the attacker can do mostly
+all of the action on a router without Authentication.
+
+Vulnerable devices: 
+
+*TL-WR840N
+
+*TL-WR841N
+
+*WL-WA850RE