Primary

Context

TP-Link TL-WR940N V4 Buffer Overflow Vulnerability in WanSlaacCfgRpm.htm

Vulnerability

A critical buffer overflow vulnerability has been identified in the TP-Link TL-WR940N V4 router. The issue arises in the file '/userRpm/WanSlaacCfgRpm.htm', where the 'dnsserver1' parameter can be manipulated, leading to a buffer overflow. This vulnerability can be exploited remotely, causing a denial-of-service condition by crashing the router and making it inaccessible.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the router to crash and become unresponsive.

Reproduction

The vulnerability can be reproduced by sending a crafted packet that manipulates the 'dnsserver1' parameter in the '/userRpm/WanSlaacCfgRpm.htm' file. This can be done remotely, and the router will crash as a result.

Added: Jun 17, 2025, 1:29 AM

Updated: Jun 17, 2025, 1:29 AM

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

2.5

exploitability

6.2

remediation

0.0

relevance

0.2

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.8

impact

2.5

exploitability

6.2

remediation

0.0

relevance

0.2

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TP-Link TL-WR940N V4 Buffer Overflow Vulnerability in WanSlaacCfgRpm.htm

Vulnerability

Impact

Reproduction

Affected Products

TP-Link TL-WR940N V4

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating