Buffer Overflow Vulnerability in TP-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3)
CVE-2023-49909

7.2 HIGH

Summary

A stack-based buffer overflow vulnerability affects the Radio Scheduling feature of the TP-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3), specifically v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. The overflow is caused by improper handling of the action parameter in the httpd_portal binary, at offset 0x0045ab38. Exploitation requires authenticated access, which is reflected in the CVSS rating below as Privileges Required: High.

Affected Version(s)

AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926

N300 Wireless Access Point (EAP115) v5.0.4 Build 20220216

CVSS V3.1

Score: 7.2
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Discovered by the Vulnerability Discovery and Research team of Cisco Talos.