Описание
httpd on TP-Link TL-WPA4220 devices (hardware versions 2 through 4) allows remote authenticated users to trigger a buffer overflow (causing a denial of service) by sending a POST request to the /admin/syslog endpoint. Fixed version: TL-WPA4220(EU)_V4_201023
Ссылки
- ExploitThird Party Advisory
- Vendor Advisory
- ExploitThird Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:tp-link:tl-wpa4220_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-wpa4220:v2:*:*:*:*:*:*:*
Конфигурация 2
Одновременно
cpe:2.3:o:tp-link:tl-wpa4220_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-wpa4220:v3:*:*:*:*:*:*:*
Конфигурация 3Версия до tl-wpa4220\(eu\)_v4_201023 (исключая)
Одновременно
cpe:2.3:o:tp-link:tl-wpa4220_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-wpa4220:v4:*:*:*:*:*:*:*
EPSS
Процентиль: 75%
0.00921
Низкий
6.5 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-120
Связанные уязвимости
github
больше 3 лет назад
httpd on TP-Link TL-WPA4220 devices (hardware versions 2 through 4) allows remote authenticated users to trigger a buffer overflow (causing a denial of service) by sending a POST request to the /admin/syslog endpoint. Fixed version: TL-WPA4220(EU)_V4_201023
EPSS
Процентиль: 75%
0.00921
Низкий
6.5 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-120