CVE-2018-3950
published 2018-12-01CVE-2018-3950: An exploitable remote code execution vulnerability exists in the ping and tracert functionality of the TP-Link TL-R600VPN HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3…
PriorityP356high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
2.92%
85.3th percentile
An exploitable remote code execution vulnerability exists in the ping and tracert functionality of the TP-Link TL-R600VPN HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3 http server. A specially crafted IP address can cause a stack overflow, resulting in remote code execution. An attacker can send a single authenticated HTTP request to trigger this vulnerability.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| talos | tp-link | — | — |
| tp-link | tl-r600vpn_firmware | — | — |
| tp-link | tl-r600vpn_firmware | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv3.07.2HIGHCVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Talos
The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
blogs_talos·2023-08-02
The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
## The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
Since the discovery of the widespread VPNFilter malware in 2018 , Cisco Talos researchers have been researching vulnerabilities in small and home office (SOHO) and industrial routers.
During that research, Talos has worked with vendors to report and mitigate these vulnerabilities, totaling 141 advisories covering 289 CVEs across multiple routers.
Talos is highlighting some of the major issues our researchers discovered over the past several years, including vulnerabilities that an attacker could mostly directly access or those an adversary could chain together to gain elevated access to the devices.
There are several Snort rules that can detect possible exploitation of the vulnerabilitie
Talos
The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
blogs_talos·2023-08-02
The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
- Since the discovery of the widespread VPNFilter malware in 2018, Cisco Talos researchers have been researching vulnerabilities in small and home office (SOHO) and industrial routers.
- During that research, Talos has worked with vendors to report and mitigate these vulnerabilities, totaling 141 advisories covering 289 CVEs across multiple routers.
- Talos is highlighting some of the major issues our researchers discovered over the past several years, including vulnerabilities that an attacker could mostly directly access or those an adversary could chain together to gain elevated access to the devices.
- There are several Snort rules that can detect possible exploitation of the vulnerabilities included in this post.
Small office/home office (SOHO) routers and small-scale industrial rout
Talos
Vulnerability Spotlight: Multiple remote vulnerabilities in TP-Link TL-R600VPN
blogs_talos·2018-11-19·CVSS 7.5
[HIGH] Vulnerability Spotlight: Multiple remote vulnerabilities in TP-Link TL-R600VPN
Vulnerabilities discovered by Carl Hurd and Jared Rittle of Cisco Talos.
Cisco Talos is disclosing multiple vulnerabilities in the TP-Link TL-R600VPN router. TP-Link produces a number of different types of small and home office (SOHO) routers. Talos discovered several bugs in this particular router model that could lead to remote code execution.
## Overview
There are two root causes of the vulnerabilities: a lack of input sanitisation and parsing errors. The lack of proper input sanitisation leads the vulnerabilities TALOS-2018-0617/18, which can be exploited without authentication. Parsing errors are responsible for the vulnerabilities TALOS-2018-0619/20. However, these can only be exploited with an authenticated session. The remote code execution is done under the context of HTTPD How
Talos
Vulnerability Spotlight: Multiple remote vulnerabilities in TP-Link TL-R600VPN
blogs_talos·2018-11-19·CVSS 7.5
[HIGH] Vulnerability Spotlight: Multiple remote vulnerabilities in TP-Link TL-R600VPN
## Vulnerability Spotlight: Multiple remote vulnerabilities in TP-Link TL-R600VPN
Vulnerabilities discovered by Carl Hurd and Jared Rittle of Cisco Talos. Cisco Talos is disclosing multiple vulnerabilities in the TP-Link TL-R600VPN router. TP-Link produces a number of different types of small and home office (SOHO) routers. Talos discovered several bugs in this particular router model that could lead to remote code execution.
## Overview
There are two root causes of the vulnerabilities: a lack of input sanitisation and parsing errors. The lack of proper input sanitisation leads the vulnerabilities TALOS-2018-0617/18, which can be exploited without authentication. Parsing errors are responsible for the vulnerabilities TALOS-2018-0619/20. However, these can only be exploited with an authe
2018-12-01
Published