Vulnerabilities > CVE-2023-36357 - Unspecified vulnerability in Tp-Link products

CVSS 7.7 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

tp-link

NVD

Published: 2023-06-22

Updated: 2023-06-30

Summary

An issue in the /userRpm/LocalManageControlRpm component of TP-Link TL-WR940N V2/V4/V6, TL-WR841N V8/V10, and TL-WR941ND V5 allows attackers to cause a Denial of Service (DoS) via a crafted GET request.

Vulnerable Configurations

Part	Description	Count
OS	Tp-Link TP Link TL Wr940N Firmware - TP Link TL Wr841N Firmware - TP Link TL Wr941Nd Firmware -	3
Hardware	Tp-Link TP Link TL Wr940N V4 TP Link TL Wr940N V2 TP Link TL Wr940N V6 TP Link TL Wr841N V8 TP Link TL Wr841N V10 TP Link TL Wr941Nd V5	6

References

https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/5/TL-WR941ND_TL-WR940N_TL-WR841N_userRpm_LocalManageControlRpm.md