CVE-2024-22733

Name of the Vulnerable Software and Affected Versions TP-Link MR200 version 210201

Description The issue is related to a null-pointer-dereference problem in the web administration panel of the TP-Link MR200. This problem occurs on the "/cgi/login" endpoint via the sign, Action, or LoginStatus query parameters. Exploitation of this issue could allow a remote attacker to cause a denial of service.

Recommendations For TP-Link MR200 version 210201, consider disabling access to the "/cgi/login" endpoint until a patch is available. Restricting access to the web administration panel can also help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.