CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 1CVE-2023-36359
https://notcve.org/view.php?id=CVE-2023-36359
TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR940N V2/V3 and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/QoSRuleListRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. • https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/8/TP-Link%20TL-WR940N%20TL-WR841N%20TL-WR941ND%20wireless%20router%20userRpmQoSRuleListRpm%20buffer%20read%20out-of-bounds%20vulnerability.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.7EPSS: 0%CPEs: 14EXPL: 1CVE-2023-36356
https://notcve.org/view.php?id=CVE-2023-36356
TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8, TL-WR941ND V5, and TL-WR740N V1/V2 were discovered to contain a buffer read out-of-bounds via the component /userRpm/VirtualServerRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. • https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/4/TL-WR941ND_TL-WR940N_TL-WR740N_userRpm_VirtualServerRpm.md • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 1CVE-2023-36354
https://notcve.org/view.php?id=CVE-2023-36354
TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR740N V1/V2, TL-WR940N V2/V3, and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlTimeSchedRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request. • https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/7/TL-WR940N_TL-WR841N_TL-WR740N_TL-WR941ND_userRpm_AccessCtrlTimeSchedRpm.md • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-46435
https://notcve.org/view.php?id=CVE-2022-46435
An issue in the firmware update process of TP-Link TL-WR941ND V2/V3 up to 3.13.9 and TL-WR941ND V4 up to 3.12.8 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image. Un problema en el proceso de actualización de firmware de TP-Link TL-WR941ND V2/V3 hasta 3.13.9 y TL-WR941ND V4 hasta 3.12.8 permite a atacantes ejecutar código arbitrario o provocar una Denegación de Servicio (DoS) mediante la carga de un Imagen de firmware manipulada. • https://hackmd.io/%40slASVrz_SrW7NQCsunofeA/SyvnlO9Pi https://www.tp-link.com/us/press/security-advisory •
CVSS: 9.0EPSS: 5%CPEs: 4EXPL: 1CVE-2019-6989 – TP-LINK TL-WR940N / TL-WR941ND - Buffer Overflow
https://notcve.org/view.php?id=CVE-2019-6989
TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. By sending specially crafted ICMP echo request packets, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges. TP-Link TL-WR940N es vulnerable a un desbordamiento de búfer basado en la pila, causado por una verificación de límites inadecuada por la función ipAddrDispose. Al enviar paquetes de solicitud de eco ICMP especialmente diseñados, un atacante remoto identificado podría desbordar un búfer y ejecutar código arbitrario en el sistema con privilegios elevados. TP-LINK models TL-WR940N and TL-WR941ND suffer from a buffer overflow vulnerability. • https://www.exploit-db.com/exploits/46678 http://packetstormsecurity.com/files/152458/TP-LINK-TL-WR940N-TL-WR941ND-Buffer-Overflow.html • CWE-787: Out-of-bounds Write •