First published: Thu Jun 06 2019(Updated: )
TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the ipAddrDispose function. By sending specially crafted ICMP echo request packets, a remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Tp-link Tl-wr940n Firmware | ||
TP-Link TL-WR940N | ||
Tp-link Tl-wr941nd Firmware | ||
Tp-link Tl-wr941nd |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-6989 is a vulnerability in the TP-Link TL-WR940N router that allows a remote attacker to execute arbitrary code on the system.
The vulnerability occurs due to improper bounds checking in the ipAddrDispose function of the TP-Link TL-WR940N router.
The severity of CVE-2019-6989 is critical, with a CVSS score of 8.8.
TP-Link TL-WR940N routers are affected by the CVE-2019-6989 vulnerability.
To fix the CVE-2019-6989 vulnerability, it is recommended to update the firmware of the TP-Link TL-WR940N router to the latest version provided by TP-Link.