What is CVE-2023-39745?

CVE-2023-39745 is a vulnerability found in TP-Link TL-WR940N V2, TP-Link TL-WR941ND V5, and TP-Link TL-WR841N V8 routers that allows attackers to cause a Denial of Service (DoS) through a crafted GET request.

How severe is CVE-2023-39745?

CVE-2023-39745 has a severity value of 7.5, which is considered high.

What is the affected software?

The affected software includes TP-Link TL-WR940N V2 Firmware, TP-Link TL-WR941ND V5 Firmware, and TP-Link TL-WR841N V8 Firmware.

How can the vulnerability be exploited?

The vulnerability can be exploited by sending a crafted GET request to the /userRpm/AccessCtrlAccessRulesRpm component.

Is TP-Link TL-WR940N V2 vulnerable to CVE-2023-39745?

No, TP-Link TL-WR940N V2 is not vulnerable to CVE-2023-39745.

Vulnerability/
CVE-2023-39745

high

7.5

CWE

120 119

EPSS

0.046%

21/8/2023

7/10/2024

CVE-2023-39745: Buffer Overflow

First published: Mon Aug 21 2023(Updated: )

TP-Link TL-WR940N V2, TP-Link TL-WR941ND V5 and TP-Link TL-WR841N V8 were discovered to contain a buffer overflow via the component /userRpm/AccessCtrlAccessRulesRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.

Credit: cve@mitre.org cve@mitre.org

Affected Software	Affected Version	How to fix
Tp-link Tl-wr940n V2 Firmware
TP-Link TL-WR940N V2
Tp-link Tl-wr941nd V5 Firmware
TP-Link TL-WR941ND V5
Tp-link Tl-wr841n V8 Firmware
TP-Link TL-WR841N V8

Never miss a vulnerability like this again

Reference Links

https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/16/TP-Link%20WR940N%20WR941ND%20WR841N%20wireless%20router%20userRpmAccessCtrlAccessRulesRpm%20buffer%20read%20out-of-bounds%20vulnerability.md

Frequently Asked Questions

What is CVE-2023-39745?
CVE-2023-39745 is a vulnerability found in TP-Link TL-WR940N V2, TP-Link TL-WR941ND V5, and TP-Link TL-WR841N V8 routers that allows attackers to cause a Denial of Service (DoS) through a crafted GET request.
How severe is CVE-2023-39745?
CVE-2023-39745 has a severity value of 7.5, which is considered high.
What is the affected software?
The affected software includes TP-Link TL-WR940N V2 Firmware, TP-Link TL-WR941ND V5 Firmware, and TP-Link TL-WR841N V8 Firmware.
How can the vulnerability be exploited?
The vulnerability can be exploited by sending a crafted GET request to the /userRpm/AccessCtrlAccessRulesRpm component.
Is TP-Link TL-WR940N V2 vulnerable to CVE-2023-39745?
No, TP-Link TL-WR940N V2 is not vulnerable to CVE-2023-39745.

collector/nvd-api
collector/nvd-index
agent/author
agent/type
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
collector/epss-latest
source/FIRST
agent/severity
agent/weakness
agent/references
agent/description
agent/epss
agent/event
agent/tags
collector/mitre-cve
source/MITRE
vendor/tp-link
canonical/tp-link tl-wr940n v2 firmware
canonical/tp-link tl-wr940n v2
canonical/tp-link tl-wr941nd v5 firmware
canonical/tp-link tl-wr941nd v5
canonical/tp-link tl-wr841n v8 firmware
canonical/tp-link tl-wr841n v8

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.