// For flags

CVE-2022-26988

 

Severity Score

7.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MntAte` function. Local users could get remote code execution.

Los routers TP-Link TL-WDR7660 versión 2.0.30, Mercury D196G versión 20200109_2.0.4 y Fast FAC1900R versión 20190827_2.0.2 tienen un problema de desbordamiento de pila en la función "MntAte". Los usuarios locales podrían conseguir una ejecución de código remota

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-03-14 CVE Reserved
  • 2022-05-10 CVE Published
  • 2024-08-03 CVE Updated
  • 2024-08-03 First Exploit
  • 2024-10-22 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-787: Out-of-bounds Write
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Tp-link
Search vendor "Tp-link"
Tl-wdr7660 Firmware
Search vendor "Tp-link" for product "Tl-wdr7660 Firmware"
2.0.30
Search vendor "Tp-link" for product "Tl-wdr7660 Firmware" and version "2.0.30"
-
Affected
in Tp-link
Search vendor "Tp-link"
Tl-wdr7660
Search vendor "Tp-link" for product "Tl-wdr7660"
--
Safe
Tp-link
Search vendor "Tp-link"
Tl-wdr7661 Firmware
Search vendor "Tp-link" for product "Tl-wdr7661 Firmware"
--
Affected
in Tp-link
Search vendor "Tp-link"
Tl-wdr7661
Search vendor "Tp-link" for product "Tl-wdr7661"
--
Safe
Tp-link
Search vendor "Tp-link"
Tl-wdr7620 Firmware
Search vendor "Tp-link" for product "Tl-wdr7620 Firmware"
--
Affected
in Tp-link
Search vendor "Tp-link"
Tl-wdr7620
Search vendor "Tp-link" for product "Tl-wdr7620"
--
Safe
Tp-link
Search vendor "Tp-link"
Tl-wdr5660 Firmware
Search vendor "Tp-link" for product "Tl-wdr5660 Firmware"
--
Affected
in Tp-link
Search vendor "Tp-link"
Tl-wdr5660
Search vendor "Tp-link" for product "Tl-wdr5660"
--
Safe
Mercusys
Search vendor "Mercusys"
Mercury D196g Firmware
Search vendor "Mercusys" for product "Mercury D196g Firmware"
20200109_2.0.4
Search vendor "Mercusys" for product "Mercury D196g Firmware" and version "20200109_2.0.4"
-
Affected
in Mercusys
Search vendor "Mercusys"
Mercury D196g
Search vendor "Mercusys" for product "Mercury D196g"
--
Safe
Fastcom
Search vendor "Fastcom"
Fac1900r Firmware
Search vendor "Fastcom" for product "Fac1900r Firmware"
20190827_2.0.2
Search vendor "Fastcom" for product "Fac1900r Firmware" and version "20190827_2.0.2"
-
Affected
in Fastcom
Search vendor "Fastcom"
Fac1900r
Search vendor "Fastcom" for product "Fac1900r"
--
Safe