CVE-2023-36355

CVSS 3.1 Score 9.9 of 10 (high)

Details

Published Jun 22, 2023

Updated: Jul 4, 2023

CWE ID 120

Summary

CVE-2023-36355 is a newly disclosed vulnerability affecting the TP-Link TL-WR940N V4 router. This issue involves a buffer overflow vulnerability located in the /userRpm/WanDynamicIpV6CfgRpm section, specifically in the handling of the ipStart parameter. An attacker can exploit this flaw by sending a carefully crafted GET request, causing a Denial of Service (DoS) condition. This vulnerability poses a significant risk to network availability and should be addressed promptly by affected organizations.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rvd6Qp
https://www.cve.org/CVERecord?id=CVE-2023-36355
https://nvd.nist.gov/vuln/detail/CVE-2023-36355

Back to Vulnerability Database

CVE-2023-36355

CVSS 3.1 Score 9.9 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations