2 matches found
CVE-2022-24355
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR940N 3.20.1 Build 200316 Rel.34392n 5553 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of file name...
CVE-2022-24355
CVE-2022-24355 affects TP-Link TL-WR940N routers (3.20.1 Build 200316 Rel.34392n) where the httpd parsing of file name extensions fails to validate the length of user-supplied data before copying to a fixed-size stack buffer, enabling network-adjacent, unauthenticated remote code execution as roo...