PT-2018-3322 · TP-Link · TP-Link TL-R600VPN
Published: 2018-11-19 · Updated: 2023-02-03 · CVE-2018-3950
CVSS v2.0: 9.0 (High)
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
TP-Link TL-R600VPN versions HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3
Description
A remote code execution issue exists in the ping and tracert functionality of the TP-Link TL-R600VPN HTTP server. It is caused by a stack overflow resulting from a specially crafted IP address. An attacker can trigger this issue by sending a single authenticated HTTP request, potentially allowing remote code execution.
Recommendations
For TP-Link TL-R600VPN version HWv3 FRNv1.3.0, consider disabling the ping and tracert functionality until a patch is available.
For TP-Link TL-R600VPN version HWv2 FRNv1.2.3, restrict access to the HTTP server to minimize the risk of exploitation.
Exploit
Fix
Buffer Overflow
Memory Corruption
Related Identifiers
Affected Products
TP-Link TL-R600VPN