Lucene search
HistoryDec 20, 2022 - 8:15 p.m.
CVE-2022-46910
tp-link
firmware update
vulnerability
code execution
dos
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
60.1%
An issue in the firmware update process of TP-Link TL-WA901ND V1 up to v3.11.2 and TL-WA901N V2 up to v3.12.16 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.
Affected configurations
Node
tp-linktl-wa901n_firmwareRange≤3.11.2
tp-linktl-wa901nMatch-
Node
tp-linktl-wa901nd_v1_firmwareRange≤3.11.2
tp-linktl-wa901nd_v1Match-
Node
tp-linktl-wa901n_firmwareRange3.12.0–3.12.16
tp-linktl-wa901nMatch-
Node
tp-linktl-wa901nd_v2_firmwareRange≤3.12.16
tp-linktl-wa901nd_v2Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| tp-link | tl-wa901n_firmware | * | cpe:2.3:o:tp-link:tl-wa901n_firmware:*:*:*:*:*:*:*:* |
| tp-link | tl-wa901n | - | cpe:2.3:h:tp-link:tl-wa901n:-:*:*:*:*:*:*:* |
| tp-link | tl-wa901nd_v1_firmware | * | cpe:2.3:o:tp-link:tl-wa901nd_v1_firmware:*:*:*:*:*:*:*:* |
| tp-link | tl-wa901nd_v1 | - | cpe:2.3:h:tp-link:tl-wa901nd_v1:-:*:*:*:*:*:*:* |
| tp-link | tl-wa901nd_v2_firmware | * | cpe:2.3:o:tp-link:tl-wa901nd_v2_firmware:*:*:*:*:*:*:*:* |
| tp-link | tl-wa901nd_v2 | - | cpe:2.3:h:tp-link:tl-wa901nd_v2:-:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2022-46910
2022-12-20 20:15:11
prion
prion
Design/Logic Flaw
2022-12-20 20:15:00
cvelist
cvelist
CVE-2022-46910
2022-12-20 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.002
Percentile
60.1%
Related for NVD:CVE-2022-46910