Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9
CVSSv2

CVE-2018-16119

Published: 20/06/2019 Updated: 24/08/2020
CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8
CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2
VMScore: 801
Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Subscribe to Tl-wr1043nd Firmware

Vulnerability Summary

Stack-based buffer overflow in the httpd server of TP-Link WR1043nd (Firmware Version 3) allows remote malicious users to execute arbitrary code via a malicious MediaServer request to /userRpm/MediaServerFoldersCfgRpm.htm.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

tp-link tl-wr1043nd_firmware 3.00

Github Repositories

https://github.com/hdbreaker/CVE-2018-16119

TP-Link TL-WR1043ND - Authenticated Remote Code Execution

CVE-2018-16119 Authenticated Remote Code Execution TP-Link WR1043ND cvemitreorg/cgi-bin/cvenamecgi?name=CVE-2018-16119 Exploit to get Remote Root Shell in TP-Link TP-Link TL-WR1043ND Devices Do not forget to modify and compile reverse_shell_mipsbec with the name of shh cp reverse_shell_mipsbec /tmp/ docker run -v /tmp/:/tmp/ -it asmimproved/qemu-mips /bin/bash

References

CWE-787http://tp-link.com/https://www.secsignal.org/news/exploiting-routers-just-another-tp-link-0dayhttps://nvd.nist.govhttps://github.com/hdbreaker/CVE-2018-16119
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook