← Back

CVE-2023-36359

nvd nist
Published: Jun 22, 2023Modified: Jun 17, 2026

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

TP-Link TL-WR940N V4, TL-WR841N V8/V10, TL-WR940N V2/V3 and TL-WR941ND V5/V6 were discovered to contain a buffer overflow in the component /userRpm/QoSRuleListRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.

Affected (3)

Tp Link
3 products
Tl Wr841n Firmware
Tl Wr940n Firmware
Tl Wr941nd Firmware
Configuration A
1 platform
Running on/withPlatform Versions
Tp Link
Tl Wr940n
Version v4
Configuration B
1 platform
Running on/withPlatform Versions
Tp Link
Tl Wr841n
Version v8
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Tl Wr841n Firmware
All versions
Running on/withPlatform Versions
Tp Link
Tl Wr841n
Version v10
Configuration D
1 platform
Running on/withPlatform Versions
Tp Link
Tl Wr940n
Version v2
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Tl Wr940n Firmware
All versions
Running on/withPlatform Versions
Tp Link
Tl Wr940n
Version v3
Configuration F
1 platform
Running on/withPlatform Versions
Tp Link
Tl Wr941nd
Version v5
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Tl Wr941nd Firmware
All versions
Running on/withPlatform Versions
Tp Link
Tl Wr941nd
Version v6

Related CWEs

CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (3)

Source: cve@mitre.org
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
ExploitThird Party Advisory

Timeline

No history available yet.