CVE-2018-3950 - An exploitable remote code execution vulnerability exists in the ping and tracert functionality of t

CVE-2018-3950

Summary

An exploitable remote code execution vulnerability exists in the ping and tracert functionality of the TP-Link TL-R600VPN HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3 http server. A specially crafted IP address can cause a stack overflow, resulting in remote code execution. An attacker can send a single authenticated HTTP request to trigger this vulnerability.

References

https://talosintelligence.com/vulnerability_reports/TALOS-2018-0619

Vulnerable Configurations

cpe:2.3:o:tp-link:tl-r600vpn_firmware:1.3.0:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:tl-r600vpn_firmware:1.3.0:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-r600vpn:3:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-r600vpn:3:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:tl-r600vpn_firmware:1.2.3:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:tl-r600vpn_firmware:1.2.3:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-r600vpn:2:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-r600vpn:2:*:*:*:*:*:*:*

CVSS

Base:	6.5 (as of 03-02-2023 - 18:02)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:S/C:P/I:P/A:P

refmap via4

misc

https://talosintelligence.com/vulnerability_reports/TALOS-2018-0619

Last major update

03-02-2023 - 18:02

Published

01-12-2018 - 04:29

Last modified

03-02-2023 - 18:02