exploitDog

CVE-2021-26827

Опубликовано: 14 апр. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 7.8

EPSS Низкий

Описание

Buffer Overflow in TP-Link WR2041 v1 firmware for the TL-WR2041+ router allows remote attackers to cause a Denial-of-Service (DoS) by sending an HTTP request with a very long "ssid" parameter to the "/userRpm/popupSiteSurveyRpm.html" webpage, which crashes the router.

Ссылки

https://github.com/GD008/vuln/blob/main/tplink_wr2041/tplink_WR2041pv1.md
Exploit
Third Party Advisory
https://github.com/GD008/vuln/blob/main/tplink_wr2041/tplink_WR2041pv1.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:tp-link:tl-wr2041\+_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:tp-link:tl-wr2041\+:-:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.00929

Низкий

7.5 High

CVSS3

7.8 High

CVSS2

Дефекты

CWE-120

Связанные уязвимости

GHSA-772c-rxr6-7vm7

github

больше 3 лет назад

Buffer Overflow in TP-Link WR2041 v1 firmware for the TL-WR2041+ router allows remote attackers to cause a Denial-of-Service (DoS) by sending an HTTP request with a very long "ssid" parameter to the "/userRpm/popupSiteSurveyRpm.html" webpage, which crashes the router.

EPSS

Процентиль: 76%

0.00929

Низкий

7.5 High

CVSS3

7.8 High

CVSS2

Дефекты

CWE-120