PT-2019-9597 · Tp Link · Tp-Link Wr840N
Published: 2019-04-16 · Updated: 2020-08-24
CVE-2018-18489
CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
TP-LINK WR840N v2 Firmware version 3.16.9 Build 150701 Rel.51516n
Description
The issue concerns the ping feature in the Diagnostic functionality, which can be exploited by remote attackers to cause a denial of service. This is achieved by modifying the packet size to exceed the UI limit of 1472, resulting in the termination of the HTTP service.
Recommendations
For TP-LINK WR840N v2 Firmware version 3.16.9 Build 150701 Rel.51516n, consider restricting access to the Diagnostic functionality until a fix is available. As a temporary workaround, limit the packet size to the UI limit of 1472 to prevent exploitation.
Affected Products
Tp-Link Wr840N