Denial of Service Vulnerability in TP-Link RE300 V1 OneMesh Function
CVE-2022-41783

5.5MEDIUM

Key Information:

Vendor: Tp-link
Status: Tp-link Re300 V1
Vendor: CVE Published:; 7 December 2022

Summary

The TP-Link RE300 V1's OneMesh function is susceptible to a denial-of-service condition due to improper input processing within its tdpServer. Attackers may exploit this vulnerability to disrupt the OneMesh capabilities, impacting network stability and performance. It is crucial for users to ensure their devices are updated with the latest firmware to mitigate potential risks associated with this vulnerability.

Affected Version(s)

TP-Link RE300 V1 firmware versions prior to 221009

References

https://www.tp-link.com/en/support/download/re300/v1/#Fir...

https://jvn.jp/en/jp/JVN29657972/index.html

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 7, 2022
Vulnerability Reserved
Nov 16, 2022