Denial of Service Vulnerability in TP-Link TL-WR886N Router
CVE-2018-17008

6.5MEDIUM

Key Information:

Vendor: Tp-link
Status: Tl-wr886n Firmware
Vendor: CVE Published:; 13 September 2018

Summary

A vulnerability has been identified in the TP-Link TL-WR886N router models 6.0 (firmware version 2.3.4) and 7.0 (firmware version 1.1.0). Authenticated attackers can exploit this vulnerability by sending excessively long JSON data related to the wireless wlan_host_2g power feature. This exploit can lead to the crashing of critical router services, including inetd, HTTP, DNS, and UPnP, thereby degrading the device's operational stability and potentially disrupting network services for users.

References

https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Lin...

x_refsource_MISC

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Sep 13, 2018