First published: Thu Sep 13 2018(Updated: )
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for firewall dmz enable.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Tp-link Tl-wr886n Firmware | =6.0_2.3.4 | |
Tp-link Tl-wr886n Firmware | =7.0_1.1.0 | |
TP-Link TL-WR886N |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2018-17005 is medium (6.5).
Authenticated attackers can exploit CVE-2018-17005 by crashing router services (e.g., inetd, HTTP, DNS, and UPnP) using long JSON data for firewall dmz enable.
TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices are affected by CVE-2018-17005.
There is no known fix for CVE-2018-17005 at the moment. It is recommended to monitor for vendor updates and apply them when available.
You can find more information about CVE-2018-17005 on the GitHub page: https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_01/README.md