PT-2019-9597 · Tp Link · Tp-Link Wr840N

Publicado

2019-04-16

Atualizado

2020-08-24

CVE-2018-18489

CVSS v2.0

6.8

Média

Vetor

AV:N/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions TP-LINK WR840N v2 Firmware version 3.16.9 Build 150701 Rel.51516n

Description The issue concerns the ping feature in the Diagnostic functionality, which can be exploited by remote attackers to cause a denial of service. This is achieved by modifying the packet size to exceed the UI limit of 1472, resulting in the termination of the HTTP service.

Recommendations For TP-LINK WR840N v2 Firmware version 3.16.9 Build 150701 Rel.51516n, consider restricting access to the Diagnostic functionality until a fix is available. As a temporary workaround, limit the packet size to the UI limit of 1472 to prevent exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2018-18489

Produtos afetados

Tp-Link Wr840N

PT-2019-9597 · Tp Link · Tp-Link Wr840N

CVE-2018-18489

Identificadores relacionados

Produtos afetados

Referências · 3