Buffer Overflow Vulnerability in TP-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)
CVE-2023-49907

7.2 HIGH

Summary

A stack-based buffer overflow vulnerability exists in the Radio Scheduling functionality of the web interface of the TP-Link AC1350 Wireless MU-MIMO Gigabit Access Point, specifically the EAP225 V3 model running v5.1.0 Build 20220926. A specially crafted series of HTTP requests can trigger the overflow, potentially allowing an attacker to execute arbitrary code remotely. The overflow is triggered through the band parameter, at offset 0x0045aad8 in the httpd_portal binary included in the affected firmware. Users should ensure their devices are updated and configured securely.

Affected Version(s)

AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926

N300 Wireless Access Point (EAP115) v5.0.4 Build 20220216

CVSS V3.1

Score: 7.2
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Discovered by the Vulnerability Discovery and Research team of Cisco Talos.