CVE-2019-6989

high-risk

Published 2019-06-06

TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. By sending specially crafted ICMP echo request packets, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges.

Do I need to act?

19.1% chance of exploitation in next 30 days

EPSS score — higher than 81% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

1 public exploit available

46678

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.8/10 High

NETWORK / LOW complexity

Affected Products (2)

Tl-Wr940N Firmware

Tl-Wr941Nd Firmware

Affected Vendors

Tp-Link

References (4)

http://packetstormsecurity.com/files/152458/TP-LINK-TL-WR940N-TL-WR941ND-Buffer-...

https://www.exploit-db.com/exploits/46678/

http://packetstormsecurity.com/files/152458/TP-LINK-TL-WR940N-TL-WR941ND-Buffer-...

https://www.exploit-db.com/exploits/46678/

/ 100

high-risk

Severity 30/34 · Critical

Exploitability 13/34 · Low

Exposure 7/34 · Low