7.01.1.0

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

tp-link

NVD

Published: 2018-09-13

Updated: 2020-08-24

Summary

An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for firewall dmz enable.

Vulnerable Configurations

Part	Description	Count
OS	Tp-Link TP Link TL Wr886N Firmware 6.0_2.3.4 TP Link TL Wr886N Firmware 7.0_1.1.0	2
Hardware	Tp-Link TP Link TL Wr886N -	1

References

https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_01/README.md