First published: Thu Sep 13 2018(Updated: )
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for dhcpd udhcpd enable.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Tp-link Tl-wr886n Firmware | =6.0_2.3.4 | |
Tp-link Tl-wr886n Firmware | =7.0_1.1.0 | |
TP-Link TL-WR886N |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-17017 is a vulnerability discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices that allows authenticated attackers to crash router services.
The attacker can exploit CVE-2018-17017 by sending long JSON data for dhcpd udhcpd enable, causing a crash in services like inetd, HTTP, DNS, and UPnP.
TP-Link TL-WR886N firmware versions 6.0_2.3.4 and 7.0_1.1.0 are affected by CVE-2018-17017.
CVE-2018-17017 is classified as a medium severity vulnerability with a severity score of 6.5.
At the moment, there is no known fix for CVE-2018-17017. It is recommended to update to the latest firmware once a fix is released by TP-Link.