Lucene search

[email protected]CVE-2021-44625

HistoryMar 10, 2022 - 5:44 p.m.

CVE-2021-44625

2022-03-1017:44:17

CWE-120

[email protected]

web.nvd.nist.gov

cve-2021-44625

buffer overflow

tp-link wr-886n

security vulnerability

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.3%

JSON

A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in /cloud_config/cloud_device/info interface, which allows a malicious user to executee arbitrary code on the system via a crafted post request.

Affected configurations

NVD

Node

tp-linktl-wr886n_firmwareMatch20190826_2.3.8

AND

tp-linktl-wr886nMatch-

CPENameOperatorVersion
tp-link:tl-wr886n_firmwaretp-link tl-wr886n firmwareeq20190826_2.3.8

CPE	Name	Operator	Version
tp-link:tl-wr886n_firmware	tp-link tl-wr886n firmware	eq	20190826_2.3.8

References

github.com/Yu3H0/IoT_CVE/tree/main/886N/deviceInfoRegister

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

48.3%

JSON

Related for CVE-2021-44625

prion1 nvd1 cvelist1 cnvd1 checkpoint_advisories1