Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point Vulnerable to Denial of Service Attack
CVE-2023-49074

7.4HIGH

Key Information:

Vendor: Tp-link
Status: Ac1350 Wireless Mu-mimo Gigabit Access Point (eap225 V3)
Vendor: CVE Published:; 9 April 2024

Summary

A denial of service vulnerability has been identified in the TDDP functionality of the Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point. This flaw allows an attacker to send a sequence of specially crafted network requests that can trigger a factory reset of the affected device. As a result, unauthorized access and disruption of services may occur, leading to significant impacts on network operations. Proper measures should be taken to mitigate this risk and ensure the security of network environments.

Affected Version(s)

AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926

References

https://talosintelligence.com/vulnerability_reports/TALOS...

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Apr 9, 2024
Vulnerability Reserved
Nov 21, 2023

Credit

Discovered by the Vulnerability Discovery and Research team of Cisco Talos.