PT-2019-3733 · Tp Link · Tp-Link Tl-Wr941Nd+1

H0Rac

Published

2019-06-06

Updated

2020-08-24

CVE-2019-6989

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions TP-Link TL-WR940N version not specified TP-Link TL-WR941ND version not specified

Description The issue is caused by a stack-based buffer overflow due to improper bounds checking by the ipAddrDispose function. This can be exploited by sending specially crafted ICMP echo request packets, allowing a remote authenticated attacker to overflow a buffer and execute arbitrary code on the system with elevated privileges.

Recommendations For TP-Link TL-WR940N, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For TP-Link TL-WR941ND, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-787

Related Identifiers

BDU:2019-03988

CVE-2019-6989

Affected Products

Tp-Link Tl-Wr940N

Tp-Link Tl-Wr941Nd

PT-2019-3733 · Tp Link · Tp-Link Tl-Wr941Nd+1

CVE-2019-6989

Weakness Enumeration

Related Identifiers

Affected Products

References · 6