Published: 23/10/2017 Updated: 17/11/2017
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 905
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Vulnerability Summary

Multiple stack-based buffer overflows in TP-Link WR940N WiFi routers with hardware version 4 allow remote authenticated users to execute arbitrary code via the (1) ping_addr parameter to PingIframeRpm.htm or (2) dnsserver2 parameter to WanStaticIpV6CfgRpm.htm.

Vulnerability Trend

Affected Products

Vendor Product Versions
Tp-linkWr940n Firmware-


import urllib2 import base64 import hashlib from optparse import * import sys import urllibbanner = ( "___________________________________________________________________________\n" "WR940N Authenticated Remote Code Exploit\n" "This exploit will open a bind shell on the remote target\n" "The port is 31337, you can change that in the code if you wis ...

Mailing Lists

Numerous remote code execution paths were discovered in TP-Link's WR940N home WiFi router Valid credentials are required for this attack path It is possible for an authenticated attacker to obtain a remote shell with root privileges ...

Github Repositories

MiraiSecurity Mirai wwwcdxyme/?p=746 wwwfreebufcom/articles/network/119403html pastebincom/svH8tvd9 wwwfreebufcom/sectool/130091html wwwtuicoolcom/articles/qM7rMnb h4ckth4tsh1tcom/indexphp?u=/topic/18/ggsetup-a-mirai-botnet githubcom/rootblack45/Mirai-Source-Modded githubcom/Screamfox/-Mirai-Iot-BotNet

Recent Articles

Windows USB-stick-of-death, router bugs resurrected, and more
The Register • Shaun Nichols in San Francisco • 28 Apr 2018

Your weekend guide to computer security cockups

Roundup Here's your summary of infosec news – from router holes to Windows crashes – beyond what we've already covered this week.
Tim Carrington at Fidus Infosec went public on Thursday with not-so-new remote-code execution flaws in TPLink router firmware. We're told the security holes (CVE-2017-13772) were not only reported to TPLink in October 2017, but were vulnerabilities that the company had patched in older models, only for the bugs to resurface when the exploitable code was reus...