CVE-2022-25062

EPSS 28.96%
Veröffentlicht 25.02.2022 20:15:08
Zuletzt bearbeitet 21.11.2024 06:51:36
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Tp-link ≫ Tl-wr840n Firmware Version6.20_180709

Tp-link ≫ Tl-wr840n Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	28.96%	0.961

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

http://tp-link.com

Product

http://router.com

URL Repurposed

Not Applicable

https://east-trowel-102.notion.site/CVE-2021-XXXX-RCE-Integer-Overflow-via-crafted-payload-in-an-DNS-input-field-userDomain-EN-2bc0fafd23224a5a8f86f5f0f9377d3d

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-25062

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-25062

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-25062

EUVD