Buffer Overflow Vulnerability in TP-Link Router
CVE-2025-25899

3.5LOW

Key Information:

Vendor: TP-Link
Status: TL-WR841ND V11
Vendor: CVE Published:; 13 February 2025

Summary

A buffer overflow vulnerability has been identified in the TP-Link TL-WR841ND V11 router, specifically concerning the 'gw' parameter in the /userRpm/WanDynamicIpV6CfgRpm.htm interface. This weakness can be exploited by attackers to send specially crafted packets, resulting in a Denial of Service (DoS). Users of affected devices should take steps to secure their configurations in light of this vulnerability.

References

https://github.com/2664521593/mycve/blob/main/TP-Link/BOF...

CVSS V3.1

Score:

3.5

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Feb 13, 2025
Vulnerability Reserved
Feb 7, 2025