CVE-2018-17016
First published: Thu Sep 13 2018(Updated: )
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for reboot_timer name.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tp-link Tl-wr886n Firmware | =6.0_2.3.4 | |
| Tp-link Tl-wr886n Firmware | =7.0_1.1.0 | |
| TP-Link TL-WR886N |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-17016?
CVE-2018-17016 is a vulnerability discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices that allows authenticated attackers to crash router services.
How can this vulnerability be exploited?
This vulnerability can be exploited by sending long JSON data for the reboot_timer name, causing the router services (e.g., inetd, HTTP, DNS, and UPnP) to crash.
Which devices are affected by CVE-2018-17016?
TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices are affected by CVE-2018-17016.
What is the severity of CVE-2018-17016?
CVE-2018-17016 has a severity rating of 6.5 (medium).
Is there a fix for CVE-2018-17016?
At the moment, there is no information available regarding a fix for CVE-2018-17016. It is recommended to stay updated with the latest firmware releases from TP-Link and follow best security practices.
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/tp-link
- canonical/tp-link tl-wr886n firmware
- version/tp-link tl-wr886n firmware/6.0_2.3.4
- version/tp-link tl-wr886n firmware/7.0_1.1.0
- canonical/tp-link tl-wr886n