Lucene search

[email protected]NVD:CVE-2022-30024

HistoryJul 14, 2022 - 2:15 p.m.

CVE-2022-30024

2022-07-1414:15:13

CWE-120

[email protected]

web.nvd.nist.gov

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.029 Low

EPSS

Percentile

90.9%

JSON

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841N(EU)_V12_160624 and TL-WR841 V11 TL-WR841N(EU)_V11_160325 , TL-WR841N_V11_150616 and TL-WR841 V10 TL-WR841N_V10_150310 are also affected.

Affected configurations

NVD

Node

tp-linktl-wr841Match10

tp-linktl-wr841Match11

tp-linktl-wr841Match12

AND

tp-linktl-wr841_firmwareMatch-

Node

tp-linktl-wr841nMatch12

AND

tp-linktl-wr841n_firmwareMatch3.16.9

Node

tp-linktl-wr841n\(eu\)Match11

AND

tp-linktl-wr841n\(eu\)_firmwareMatch160325

Node

tp-linktl-wr841nMatch11

AND

tp-linktl-wr841n_firmwareMatch150616

Node

tp-linktl-wr841nMatch10

AND

tp-linktl-wr841n_firmwareMatch150310

References

tl-wr841.com

tp-link.com

pastebin.com/0XRFr3zE

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.029 Low

EPSS

Percentile

90.9%

JSON

Related for NVD:CVE-2022-30024

cnvd1 cve1 prion1 cvelist1