ID
VAR-E-201209-0574
TITLE
TP-LINK TL-WR340G Denial Of Service
Trust: 0.5
DESCRIPTION
The TP-LINK TL-WR340G SOHO router version 4.7.11 suffers from a malformed packet denial of service vulnerability.
Trust: 0.5
AFFECTED PRODUCTS
| vendor: | tp link | model: | tl-wr340g | scope: | - | version: | - | Trust: 0.5 |
EXPLOIT
=== intro ===
TP-LINK TL-WR340G is a SOHO router with integrated IEEE 802.11b/g AP.
Now it's marked End-of-Life.
Transmitting crafted frames in proximity of working router cause device
to malfunction. Wireless communication stops, existing clients don't
receive frames from AP ( except beacons ), new clients can't connect.
=== details ===
Affected product: TL-WR340G Wireless router
Firm Version: 4.7.11 Build 101102 Rel.60376n
Hardware Version: WR340G v3
Local/remote: Local ( wirelessly )
Vulnerability can be spotted by crafting and transmitting frame with scapy:
>> fr = RadioTap()/Dot11(addr1="ff:ff:ff:ff:ff:ff",addr2="<AP
MAC>",addr3="<AP MAC>")/Dot11Beacon()/Dot11Elt()
>> sendp(fr,iface="injection capable wireless interface",count=5)
Attacker could cease wireless traffic. To resume AP functionality user
must restart wireless interface in WebGUI or restart device.
=== time-line ===
2.08.2012 - vendor notified
4.09.2012 - no response from vendor, published
Trust: 0.5
EXPLOIT HASH
LOCAL | SOURCE | ||||||||
|
|
Trust: 0.5
PRICE
free
Trust: 0.5
TAGS
| tag: | exploit | Trust: 0.5 |
| tag: | denial of service | Trust: 0.5 |
CREDITS
Adam P.
Trust: 0.5
EXTERNAL IDS
| db: | PACKETSTORM | id: | 116279 | Trust: 0.5 |
SOURCES
| db: | PACKETSTORM | id: | 116279 |
LAST UPDATE DATE
2022-07-27T09:19:01.394000+00:00
SOURCES RELEASE DATE
| db: | PACKETSTORM | id: | 116279 | date: | 2012-09-06T20:22:22 |