First published: Thu Sep 13 2018(Updated: )
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for ip_mac_bind name.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Tp-link Tl-wr886n Firmware | =6.0_2.3.4 | |
Tp-link Tl-wr886n Firmware | =7.0_1.1.0 | |
TP-Link TL-WR886N |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-17014 is a vulnerability found on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices that allows authenticated attackers to crash router services using long JSON data.
An attacker can exploit CVE-2018-17014 by sending long JSON data to the router, causing it to crash.
CVE-2018-17014 can crash router services such as inetd, HTTP, DNS, and UPnP.
CVE-2018-17014 has a severity rating of medium with a CVSS score of 6.5.
You can find more information about CVE-2018-17014 at this link: https://github.com/PAGalaxyLab/VulInfo/blob/master/TP-Link/WR886N/inetd_task_dos_10/README.md