Design/Logic Flaw

2022-12-2020:15:00

PRIOn knowledge base

www.prio-n.com

tp-link

firmware update

code execution

dos

security issue

8.8 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.7%

JSON

An issue in the firmware update process of TP-Link TL-WR941ND V2/V3 up to 3.13.9 and TL-WR941ND V4 up to 3.12.8 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.

CPENameOperatorVersion
tl-wr941nd_v2_firmwarele3.13.9
tl-wr941nd_v3_firmwarele3.13.9
tl-wr941nd_v4_firmwarele3.12.8

Name	Operator	Version
tl-wr941nd_v2_firmware	le	3.13.9
tl-wr941nd_v3_firmware	le	3.13.9
tl-wr941nd_v4_firmware	le	3.12.8

References

hackmd.io/@slASVrz_SrW7NQCsunofeA/SyvnlO9Pi

www.tp-link.com/us/press/security-advisory/