Strike ID:
E19-5ki41
CVSS:
9.0 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
False Positive:
t
Variants:
32
Year:
2017

Description

This strike exhibits the network behavior of a buffer overflow vulnerability inside TP-Link WiFi router. The vulnerability is due do insufficient user input validation passed to ping addr parameter pertaining to PingIframeRpm.htm form. By crafting a malicious HTTP request, an attacker can cause DoS conditions or achieve code execution on the target device.

CVE

References

MSB

BID

ExploitDB

Secunia

Security Tracker

Metasploit

ZDI

Google

OSVDB

{}