7.01.1.0

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

tp-link

NVD

Published: 2018-09-13

Updated: 2020-08-24

Summary

An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for ip_mac_bind name.

Vulnerable Configurations

Part	Description	Count
OS	Tp-Link TP Link TL Wr886N Firmware 6.0_2.3.4 TP Link TL Wr886N Firmware 7.0_1.1.0	2
Hardware	Tp-Link TP Link TL Wr886N -	1

References

https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_10/README.md