mirror of
https://github.com/0xMarcio/cve.git
synced 2025-12-30 04:49:42 +00:00
980 B
980 B
CVE-2017-13772
Description
Multiple stack-based buffer overflows in TP-Link WR940N WiFi routers with hardware version 4 allow remote authenticated users to execute arbitrary code via the (1) ping_addr parameter to PingIframeRpm.htm or (2) dnsserver2 parameter to WanStaticIpV6CfgRpm.htm.
POC
Reference
- http://packetstormsecurity.com/files/158999/TP-Link-WDR4300-Remote-Code-Execution.html
- https://www.exploit-db.com/exploits/43022/
- https://www.fidusinfosec.com/tp-link-remote-code-execution-cve-2017-13772/