Lucene search

[email protected]CVE-2022-46428

HistoryDec 20, 2022 - 8:15 p.m.

CVE-2022-46428

2022-12-2020:15:10

CWE-494

[email protected]

web.nvd.nist.gov

tp-link

tl-wr1043nd

firmware

vulnerability

code execution

dos

cve-2022-46428

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.6%

JSON

TP-Link TL-WR1043ND V1 3.13.15 and earlier allows authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.

Affected configurations

NVD

Node

tp-linktl-wr1043nd_v1_firmwareRange≤3.13.15

AND

tp-linktl-wr1043nd_v1Match-

CPENameOperatorVersion
tp-link:tl-wr1043nd_v1_firmwaretp-link tl-wr1043nd v1 firmwarele3.13.15

CPE	Name	Operator	Version
tp-link:tl-wr1043nd_v1_firmware	tp-link tl-wr1043nd v1 firmware	le	3.13.15

References

hackmd.io/%40slASVrz_SrW7NQCsunofeA/S1hP34Hvj

www.tp-link.com/us/press/security-advisory/

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H

5.8 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

34.6%

JSON

Related for CVE-2022-46428

prion1 cvelist1 nvd1