CVE-2023-39745

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Aug 21, 2023
Updated: Aug 25, 2023
CWE ID 120

Summary

CVE-2023-39745 is a newly discovered buffer overflow vulnerability affecting specific models of TP-Link routers, including the TL-WR940N V2, TL-WR941ND V5, and TL-WR841N V8. The issue lies within the component /userRpm/AccessCtrlAccessRulesRpm and can be exploited through a maliciously crafted GET request. This vulnerability does not directly result in code execution but instead enables attackers to cause a Denial of Service (DoS) condition. Users are urged to update their router firmware to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share