Lucene search

[email protected]NVD:CVE-2019-6989

HistoryJun 06, 2019 - 6:29 p.m.

CVE-2019-6989

2019-06-0618:29:00

CWE-787

[email protected]

web.nvd.nist.gov

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.055 Low

EPSS

Percentile

93.2%

JSON

TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. By sending specially crafted ICMP echo request packets, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges.

Affected configurations

NVD

Node

tp-linktl-wr940n_firmwareMatch-

AND

tp-linktl-wr940nMatch-

Node

tp-linktl-wr941nd_firmwareMatch-

AND

tp-linktl-wr941ndMatch-

References

packetstormsecurity.com/files/152458/TP-LINK-TL-WR940N-TL-WR941ND-Buffer-Overflow.html

www.exploit-db.com/exploits/46678/

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.055 Low

EPSS

Percentile

93.2%

JSON

Related for NVD:CVE-2019-6989

zdt1 checkpoint_advisories1 cvelist1 cve1 packetstorm1 prion1