CVE-2017-13772
high
CVSS v3
8.8
CVSS v2
9.0
VIR risk
8.8
Description
Multiple stack-based buffer overflows in TP-Link WR940N WiFi routers with hardware version 4 allow remote authenticated users to execute arbitrary code via the (1) ping_addr parameter to PingIframeRpm.htm or (2) dnsserver2 parameter to WanStaticIpV6CfgRpm.htm.
Predictions
Exploit likelihood
92%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
References
- http://packetstormsecurity.com/files/158999/TP-Link-WDR4300-Remote-Code-Execution.html
- https://www.exploit-db.com/exploits/43022/
- https://www.fidusinfosec.com/tp-link-remote-code-execution-cve-2017-13772/
- http://packetstormsecurity.com/files/158999/TP-Link-WDR4300-Remote-Code-Execution.html
- https://www.exploit-db.com/exploits/43022/
- https://www.fidusinfosec.com/tp-link-remote-code-execution-cve-2017-13772/
CWEs
CWE-119
Verify integrity in audit chain (admin only). AS-IS.