Skip to main content

Tl Wr840N Firmware CVE-2022-25062

HIGH
Integer Overflow or Wraparound (CWE-190)
2022-02-25 cve@mitre.org
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Feb 25, 2022 - 20:15 nvd
HIGH 7.5

DescriptionNVD

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

AnalysisAI

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Integer Overflow (CWE-190), which allows attackers to cause unexpected behavior through arithmetic overflow. TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. Affected products include: Tp-Link Tl-Wr840N Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate arithmetic operations, use safe integer libraries, check bounds before allocation.

CVE-2021-41653 CRITICAL POC
9.8 Nov 13

The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to r

CVE-2022-25061 CRITICAL POC
9.8 Feb 25

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_set

CVE-2022-25060 CRITICAL POC
9.8 Feb 25

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_sta

CVE-2022-25064 CRITICAL POC
9.8 Feb 25

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a remote code execution (RCE) vulnerability via the functio

CVE-2018-11714 CRITICAL POC
9.8 Jun 04

An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00

CVE-2019-15060 HIGH POC
8.8 Aug 22

The traceroute function on the TP-Link TL-WR840N v4 router with firmware through 0.9.1 3.16 is vulnerable to remote code

CVE-2018-15172 HIGH POC
7.5 Aug 15

TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header. Rated high severity (CVSS 7.5), this

CVE-2022-26642 HIGH POC
7.2 Mar 28

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the X_TP_ClonedMACAddress parameter. Rated h

CVE-2022-26641 HIGH POC
7.2 Mar 28

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter. Rated high sev

CVE-2022-26640 HIGH POC
7.2 Mar 28

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the minAddress parameter. Rated high severit

CVE-2022-26639 HIGH POC
7.2 Mar 28

TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the DNSServers parameter. Rated high severit

CVE-2022-29402 MEDIUM POC
6.8 May 25

TP-Link TL-WR840N EU v6.20 was discovered to contain insecure protections for its UART console. Rated medium severity (C

Share

CVE-2022-25062 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy