CVE Vulnerabilities

CVE-2018-17015

Published: Sep 13, 2018 | Modified: Nov 21, 2024
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for ddns phddns username.

Affected Software

Name Vendor Start Version End Version
Tl-wr886n_firmware Tp-link 6.0_2.3.4 (including) 6.0_2.3.4 (including)
Tl-wr886n_firmware Tp-link 7.0_1.1.0 (including) 7.0_1.1.0 (including)

References