← Back

CVE-2023-36358

nvd nist
Published: Jun 22, 2023Modified: Jun 17, 2026

JSON object

Loading...
7.7
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Exploitability: 3.1 / Impact: 4.0
Source: NVD

Description

TP-Link TL-WR940N V2/V3/V4, TL-WR941ND V5/V6, TL-WR743ND V1 and TL-WR841N V8 were discovered to contain a buffer overflow in the component /userRpm/AccessCtrlAccessTargetsRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.

Affected (4)

Tp Link
4 products
Tl Wr841n Firmware
Tl Wr940n Firmware
Tl Wr941nd Firmware
Tl Wr743nd Firmware
Configuration A
1 platform
Running on/withPlatform Versions
Tp Link
Tl Wr940n
Version v4
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Tl Wr841n Firmware
All versions
Running on/withPlatform Versions
Tp Link
Tl Wr841n
Version v8
Configuration C
1 platform
Running on/withPlatform Versions
Tp Link
Tl Wr940n
Version v2
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Tl Wr940n Firmware
All versions
Running on/withPlatform Versions
Tp Link
Tl Wr940n
Version v3
Configuration E
1 platform
Running on/withPlatform Versions
Tp Link
Tl Wr941nd
Version v5
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Tl Wr941nd Firmware
All versions
Running on/withPlatform Versions
Tp Link
Tl Wr941nd
Version v6
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Tl Wr743nd Firmware
All versions
Running on/withPlatform Versions
Tp Link
Tl Wr743nd
Version v1

Related CWEs

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (2)

Source: cve@mitre.org
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory

Timeline

No history available yet.