VAR-202001-0288
Vulnerability from variot - Updated: 2023-12-18 12:35This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 80 by default. When parsing the Host request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length static buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-8457. TP-LINK TL-WR841N The router contains a classic buffer overflow vulnerability. Zero Day Initiative Does not address this vulnerability ZDI-CAN-8457 Was numbered.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. TP-Link TL-WR841N is a wireless router from China TP-Link. The vulnerability originates from a network system or product that incorrectly validates data boundaries when performing operations on memory, causing incorrect read and write operations to be performed on other associated memory locations
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-202001-0288",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "tl-wr841n",
"scope": null,
"trust": 1.5,
"vendor": "tp link",
"version": null
},
{
"model": "tl-wr841n",
"scope": "eq",
"trust": 1.0,
"vendor": "tp link",
"version": "0.9.1_4.16"
},
{
"model": "tp-link tl-wr841n",
"scope": null,
"trust": 0.6,
"vendor": "tp link",
"version": null
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-992"
},
{
"db": "CNVD",
"id": "CNVD-2019-46402"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014045"
},
{
"db": "NVD",
"id": "CVE-2019-17147"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:tp-link:tl-wr841n_firmware:0.9.1_4.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:tp-link:tl-wr841n:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-17147"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Nguyen Hoang Thach - Security Researcher at VNPT ISC",
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-992"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1414"
}
],
"trust": 1.3
},
"cve": "CVE-2019-17147",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2019-17147",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-46402",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "zdi-disclosures@trendmicro.com",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 8.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2019-17147",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT",
"author": "ZDI",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 2.8,
"id": "CVE-2019-17147",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 0.7,
"userInteraction": "NONE",
"vectorString": "AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-17147",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "zdi-disclosures@trendmicro.com",
"id": "CVE-2019-17147",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "ZDI",
"id": "CVE-2019-17147",
"trust": 0.7,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2019-46402",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201911-1414",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2019-17147",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-992"
},
{
"db": "CNVD",
"id": "CNVD-2019-46402"
},
{
"db": "VULMON",
"id": "CVE-2019-17147"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014045"
},
{
"db": "NVD",
"id": "CVE-2019-17147"
},
{
"db": "NVD",
"id": "CVE-2019-17147"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1414"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-LINK TL-WR841N routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 80 by default. When parsing the Host request header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length static buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-8457. TP-LINK TL-WR841N The router contains a classic buffer overflow vulnerability. Zero Day Initiative Does not address this vulnerability ZDI-CAN-8457 Was numbered.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. TP-Link TL-WR841N is a wireless router from China TP-Link. The vulnerability originates from a network system or product that incorrectly validates data boundaries when performing operations on memory, causing incorrect read and write operations to be performed on other associated memory locations",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-17147"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014045"
},
{
"db": "ZDI",
"id": "ZDI-19-992"
},
{
"db": "CNVD",
"id": "CNVD-2019-46402"
},
{
"db": "VULMON",
"id": "CVE-2019-17147"
}
],
"trust": 2.88
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-17147",
"trust": 3.8
},
{
"db": "ZDI",
"id": "ZDI-19-992",
"trust": 3.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014045",
"trust": 0.8
},
{
"db": "ZDI_CAN",
"id": "ZDI-CAN-8457",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-46402",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1414",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2019-17147",
"trust": 0.1
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-992"
},
{
"db": "CNVD",
"id": "CNVD-2019-46402"
},
{
"db": "VULMON",
"id": "CVE-2019-17147"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014045"
},
{
"db": "NVD",
"id": "CVE-2019-17147"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1414"
}
]
},
"id": "VAR-202001-0288",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-46402"
}
],
"trust": 1.0402277199999999
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-46402"
}
]
},
"last_update_date": "2023-12-18T12:35:48.897000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Download for TL-WR841N V14",
"trust": 0.8,
"url": "https://www.tp-link.com/us/support/download/tl-wr841n/#firmware"
},
{
"title": "TP-Link has issued an update to correct this vulnerability.#Firmware",
"trust": 0.7,
"url": "https://www.tp-link.com/us/support/download/tl-wr841n/"
},
{
"title": "Patch for TP-Link TL-WR841N Buffer Overflow Vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/194735"
},
{
"title": "TP-Link TL-WR841N Buffer error vulnerability fix",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=106538"
},
{
"title": "CVE-2019-17147_Practice_Material",
"trust": 0.1,
"url": "https://github.com/drmnsamoliu/cve-2019-17147_practice_material "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/khulnasoft-lab/awesome-security "
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-992"
},
{
"db": "CNVD",
"id": "CNVD-2019-46402"
},
{
"db": "VULMON",
"id": "CVE-2019-17147"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014045"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1414"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-120",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014045"
},
{
"db": "NVD",
"id": "CVE-2019-17147"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.7,
"url": "https://www.zerodayinitiative.com/advisories/zdi-19-992/"
},
{
"trust": 1.7,
"url": "https://www.tp-link.com/us/support/download/tl-wr841n/#firmware"
},
{
"trust": 1.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-17147"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-17147"
},
{
"trust": 0.7,
"url": "https://www.tp-link.com/us/support/download/tl-wr841n/"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/120.html"
},
{
"trust": 0.1,
"url": "https://github.com/drmnsamoliu/cve-2019-17147_practice_material"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "ZDI",
"id": "ZDI-19-992"
},
{
"db": "CNVD",
"id": "CNVD-2019-46402"
},
{
"db": "VULMON",
"id": "CVE-2019-17147"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014045"
},
{
"db": "NVD",
"id": "CVE-2019-17147"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1414"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "ZDI",
"id": "ZDI-19-992"
},
{
"db": "CNVD",
"id": "CNVD-2019-46402"
},
{
"db": "VULMON",
"id": "CVE-2019-17147"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-014045"
},
{
"db": "NVD",
"id": "CVE-2019-17147"
},
{
"db": "CNNVD",
"id": "CNNVD-201911-1414"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-26T00:00:00",
"db": "ZDI",
"id": "ZDI-19-992"
},
{
"date": "2019-12-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-46402"
},
{
"date": "2020-01-07T00:00:00",
"db": "VULMON",
"id": "CVE-2019-17147"
},
{
"date": "2020-01-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014045"
},
{
"date": "2020-01-07T23:15:10.967000",
"db": "NVD",
"id": "CVE-2019-17147"
},
{
"date": "2019-11-26T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1414"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-26T00:00:00",
"db": "ZDI",
"id": "ZDI-19-992"
},
{
"date": "2019-12-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-46402"
},
{
"date": "2020-01-14T00:00:00",
"db": "VULMON",
"id": "CVE-2019-17147"
},
{
"date": "2020-01-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-014045"
},
{
"date": "2020-01-14T17:09:18.440000",
"db": "NVD",
"id": "CVE-2019-17147"
},
{
"date": "2020-07-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201911-1414"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-1414"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "TP-LINK TL-WR841N Classic buffer overflow vulnerability in router",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-014045"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201911-1414"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…