Lucene search
MitreCVE-2022-48194HistoryDec 30, 2022 - 7:15 a.m.
CVE-2022-48194
2022-12-3007:15:07
CWE-434
mitre
web.nvd.nist.gov
37
cve-2022-48194
tp-link
tl-wr902ac
firmware update
remote code execution
dos
signature check
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.015
Percentile
87.0%
TP-Link TL-WR902AC devices through V3 0.9.1 allow remote authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) by uploading a crafted firmware update because the signature check is inadequate.
Affected configurations
Node
tp-linktl-wr902acMatch3.0
tp-linktl-wr902ac_firmwareRange≤3.0.9.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| tp-link | tl-wr902ac | 3.0 | cpe:2.3:h:tp-link:tl-wr902ac:3.0:*:*:*:*:*:*:* |
| tp-link | tl-wr902ac_firmware | * | cpe:2.3:o:tp-link:tl-wr902ac_firmware:*:*:*:*:*:*:*:* |
Related
packetstorm
packetstorm
TP-Link TL-WR902AC Remote Code Execution
2023-04-03 00:00:00
prion
prion
Code injection
2022-12-30 07:15:00
exploitdb
exploitdb
cvelist
cvelist
CVE-2022-48194
2022-12-30 00:00:00
nvd
nvd
CVE-2022-48194
2022-12-30 07:15:07
githubexploit
githubexploit
zdt
zdt
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.015
Percentile
87.0%
Related for CVE-2022-48194