The vulnerability of TP-Link TL-WR940N router’s microprogramming software lies in the overflow of buffers on the stack, allowing an attacker to execute arbitrary code.

🗓️ 22 Feb 2022 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

The TP-Link TL-WR940N router suffers a stack buffer overflow during file extension syntax analysis, enabling arbitrary code execution.

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2022-24355	18 Feb 202220:15	–	attackerkb
Circl	CVE-2022-24355	9 Nov 202207:53	–	circl
CNNVD	Tp-link TP-Link TL-WR940N 安全漏洞	10 Feb 202200:00	–	cnnvd
CNVD	TP-Link TL-WR940N Buffer Overflow Vulnerability	14 Feb 202200:00	–	cnvd
CVE	CVE-2022-24355	18 Feb 202219:52	–	cve
Cvelist	CVE-2022-24355	18 Feb 202219:52	–	cvelist
EUVD	EUVD-2022-29251	3 Oct 202520:07	–	euvd
NVD	CVE-2022-24355	18 Feb 202220:15	–	nvd
Prion	Stack overflow	18 Feb 202220:15	–	prion
RedhatCVE	CVE-2022-24355	5 Feb 202521:50	–	redhatcve

Vulners

Node

tp-link_technologies_co tl-wr940nRange<211111

Source	Link
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-22-265/
securitylab	www.securitylab.ru/vulnerability/529828.php
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2022021404
safe-surf	www.safe-surf.ru/upload/VULN/VULN-20220214.17.pdf
web	www.web.nvd.nist.gov/view/vuln/detail
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-22-265/
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-CAN-13910/

22 Feb 2022 00:00Current

8.2High risk

Vulners AI Score8.2

CVSS 28.3

CVSS 38.8

EPSS0.01905

TP-Link TL-WR940N buffer overflow stack overflow file extension syntax code execution