CVE-2018-16119
published 2019-06-20CVE-2018-16119: Stack-based buffer overflow in the httpd server of TP-Link WR1043nd (Firmware Version 3) allows remote attackers to execute arbitrary code via a malicious…
PriorityP259high7.2CVSS 3.0
AVNACLPRHUINSUCHIHAH
EPSS
34.13%
98.2th percentile
Stack-based buffer overflow in the httpd server of TP-Link WR1043nd (Firmware Version 3) allows remote attackers to execute arbitrary code via a malicious MediaServer request to /userRpm/MediaServerFoldersCfgRpm.htm.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| linux | linux_kernel | >= 0 < 4.4.0-193.224 | 4.4.0-193.224 |
| linux | linux_kernel | >= 0 < 4.15.0-121.123 | 4.15.0-121.123 |
| tp-link | tl-wr1043nd_firmware | — | — |
CVSS provenance
nvdv3.07.2HIGHCVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvdv2.09.0CRITICALAV:N/AC:L/Au:S/C:C/I:C/A:C
osv5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-hr6c-hqvj-5hgg: Stack-based buffer overflow in the httpd server of TP-Link WR1043nd (Firmware Version 3) allows remote attackers to execute arbitrary code via a malic
ghsa_unreviewed·2022-05-24
CVE-2018-16119 [HIGH] GHSA-hr6c-hqvj-5hgg: Stack-based buffer overflow in the httpd server of TP-Link WR1043nd (Firmware Version 3) allows remote attackers to execute arbitrary code via a malic
Stack-based buffer overflow in the httpd server of TP-Link WR1043nd (Firmware Version 3) allows remote attackers to execute arbitrary code via a malicious MediaServer request to /userRpm/MediaServerFoldersCfgRpm.htm.
OSV
linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon vulnerabilities
osv·2020-10-14·CVSS 5.5
CVE-2020-16119 linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon vulnerabilities
linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon vulnerabilities
Hadar Manor discovered that the DCCP protocol implementation in the Linux
kernel improperly handled socket reuse, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2020-16119)
Wen Xu discovered that the XFS file system in the Linux kernel did not
properly validate inode metadata in some situations. An attacker could use
this to construct a malicious XFS image that, when mounted, could cause a
denial of service (system crash). (CVE-2018-10322)
Jay Shin discovered that the ext4 file system implementation in the Linux
kernel did not properly handle directory access with broken indexing,
le
OSV
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
osv·2020-10-14·CVSS 5.5
CVE-2020-16119 linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities
Hadar Manor discovered that the DCCP protocol implementation in the Linux
kernel improperly handled socket reuse, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2020-16119)
Wen Xu discovered that the XFS file system in the Linux kernel did not
properly validate inode metadata in some situations. An attacker could use
this to construct a malicious XFS image that, when mounted, could cause a
denial of service (system crash). (CVE-2018-10322)
It was discovered that the btrfs file s
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-06-20
Published