CVE-2024-22733

7.5HIGH

Key Information

Vendor: Tp-link
Status: Mr200 Firmware
Vendor: CVE Published:; 1 November 2024

Summary

TP Link MR200 V4 Firmware version 210201 was discovered to contain a null-pointer-dereference in the web administration panel on /cgi/login via the sign, Action or LoginStatus query parameters which could lead to a denial of service by a local or remote unauthenticated attacker.

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Nov 1, 2024
Vulnerability Reserved.
Jan 11, 2024

Collectors

NVD DatabaseMitre Database