CVE-2023-39751

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 21, 2023
Updated: Aug 24, 2023
CWE ID 787

Summary

CVE-2023-39751 is a newly discovered buffer overflow vulnerability affecting certain versions of TP-Link TL-WR941ND v6 routers. The issue lies within the /userRpm/PingIframeRpm component, specifically in the handling of the pSize parameter. An attacker could exploit this flaw by sending specially crafted data to the router, resulting in memory corruption and potentially executing arbitrary code. This vulnerability poses a significant risk, particularly if the router is not updated with the latest security patches. Users are strongly urged to apply the necessary fixes as soon as possible to mitigate potential threats.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share