Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2017-13772

Published: 23/10/2017 Updated: 31/08/2020
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 905
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Subscribe to Wr940n Firmware

Vulnerability Summary

Multiple stack-based buffer overflows in TP-Link WR940N WiFi routers with hardware version 4 allow remote authenticated users to execute arbitrary code via the (1) ping_addr parameter to PingIframeRpm.htm or (2) dnsserver2 parameter to WanStaticIpV6CfgRpm.htm.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

tp-link wr940n_firmware -

Exploits

Exploit DB: TP-Link WR940N - (Authenticated) Remote Code
import urllib2 import base64 import hashlib from optparse import * import sys import urllibbanner = ( "___________________________________________________________________________\n" "WR940N Authenticated Remote Code Exploit\n" "This exploit will open a bind shell on the remote target\n" "The port is 31337, you can change that in the code if you wis ...
Exploit DB: TP-Link WDR4300 Remote Code Execution
TP-Link WDR4300 with firmware versions 31333 and 3143 post-authentication remote code execution exploit ...
Exploit DB: TP-Link WR940N Remote Code Execution
Numerous remote code execution paths were discovered in TP-Link's WR940N home WiFi router Valid credentials are required for this attack path It is possible for an authenticated attacker to obtain a remote shell with root privileges ...

Github Repositories

https://github.com/pandazheng/MiraiSecurity

Mirai

MiraiSecurity Mirai wwwcdxyme/?p=746 wwwfreebufcom/articles/network/119403html pastebincom/svH8tvd9 wwwfreebufcom/sectool/130091html wwwtuicoolcom/articles/qM7rMnb h4ckth4tsh1tcom/indexphp?u=/topic/18/ggsetup-a-mirai-botnet githubcom/rootblack45/Mirai-Source-Modded githubcom/Screamfox/-Mirai-Iot-BotNet

Recent Articles

Windows USB-stick-of-death, router bugs resurrected, and more
The Register • Shaun Nichols in San Francisco • 28 Apr 2018

Your weekend guide to computer security cockups

Roundup Here's your summary of infosec news – from router holes to Windows crashes – beyond what we've already covered this week. Tim Carrington at Fidus Infosec went public on Thursday with not-so-new remote-code execution flaws in TPLink router firmware. We're told the security holes (CVE-2017-13772) were not only reported to TPLink in October 2017, but were vulnerabilities that the company had patched in older models, only for the bugs to resurface when the exploitable code was reused in ...

Read more...

References

CWE-119https://www.fidusinfosec.com/tp-link-remote-code-execution-cve-2017-13772/https://www.exploit-db.com/exploits/43022/http://packetstormsecurity.com/files/158999/TP-Link-WDR4300-Remote-Code-Execution.htmlhttps://nvd.nist.govhttps://github.com/pandazheng/MiraiSecurityhttps://www.exploit-db.com/exploits/43022/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32744privilege escalationCVE-2024-30253CVE-2024-3914cross-site scriptingCVE-2024-31497CVE-2024-3400CVE-2024-32341hardcoded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook