CVE-2023-33536

Name of the Vulnerable Software and Affected Versions TP-Link TL-WR940N versions V2 through V4 TP-Link TL-WR841N versions V8 through V10 TP-Link TL-WR740N versions V1 through V2

Description The issue is related to a buffer overflow in the WlanMacFilterRpm component (/userRpm/WlanMacFilterRpm.htm) of TP-Link router firmware. This occurs due to the lack of size checking for input data when handling the Mac key parameter. Exploitation of this issue could allow a remote attacker to gain unauthorized access to protected information or cause a denial of service by sending specially crafted requests.

Recommendations For TP-Link TL-WR940N versions V2 through V4, update to a version that fixes the buffer overflow issue in the WlanMacFilterRpm component. For TP-Link TL-WR841N versions V8 through V10, update to a version that fixes the buffer overflow issue in the WlanMacFilterRpm component. For TP-Link TL-WR740N versions V1 through V2, update to a version that fixes the buffer overflow issue in the WlanMacFilterRpm component. As a temporary workaround, consider restricting access to the /userRpm/WlanMacFilterRpm.htm component until a patch is available.