Details of VAR-201406-0503

ID

VAR-201406-0503

TITLE

Multiple TP-Link Router RomPager Denial of Service Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2014-03726

DESCRIPTION

TP-Link is a well-known supplier of network and communication equipment. TP-Link TD-W8901G, TD-W8101G, TD-8840G, TD-8817 firmware version 3.11.2.175_TC3086, T14.F7_5.0 There is a remote denial of service vulnerability, which can be exploited by an attacker to cause the affected device to crash. Multiple TP-Link routers are prone to a denial-of-service vulnerability. TP-Link TD-W8901G, TD-W8101G, TD-8840G, TD-8817 running firmware version 3.11.2.175_TC3086 and hardware version T14.F7_5.0 are vulnerable

Trust: 0.81

sources: CNVD: CNVD-2014-03726 // BID: 68024

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2014-03726

AFFECTED PRODUCTS

vendor:	tp link	model:	td-8817 3.11.2.175 tc3086	scope:	-	version:	-	Trust: 0.9
vendor:	tp link	model:	td-w8901g 3.11.2.175 tc3086	scope:	-	version:	-	Trust: 0.9
vendor:	tp link	model:	td-w8101g 3.11.2.175 tc3086	scope:	-	version:	-	Trust: 0.9
vendor:	tp link	model:	td-8840g 3.11.2.175 tc3086	scope:	-	version:	-	Trust: 0.9
vendor:	tp link	model:	td-w8901g t14.f7 5.0	scope:	-	version:	-	Trust: 0.6
vendor:	tp link	model:	td-w8101g t14.f7 5.0	scope:	-	version:	-	Trust: 0.6
vendor:	tp link	model:	td-8840g t14.f7 5.0	scope:	-	version:	-	Trust: 0.6
vendor:	tp link	model:	td-8817 t14.f7 5.0	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2014-03726 // BID: 68024

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2014-03726
value:	MEDIUM
Trust: 0.6

CNVD:	CNVD-2014-03726
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

sources: CNVD: CNVD-2014-03726

THREAT TYPE

network

Trust: 0.3

sources: BID: 68024

TYPE

Failure to Handle Exceptional Conditions

Trust: 0.3

sources: BID: 68024

EXTERNAL IDS

db:	BID	id:	68024	Trust: 0.9
db:	CNVD	id:	CNVD-2014-03726	Trust: 0.6

sources: CNVD: CNVD-2014-03726 // BID: 68024

REFERENCES

url:	http://www.securityfocus.com/bid/68024	Trust: 0.6
url:	http://www.tp-link.com/en/	Trust: 0.3
url:	http://osandamalith.wordpress.com/2014/06/10/zte-and-tp-link-rompager-dos/	Trust: 0.3

sources: CNVD: CNVD-2014-03726 // BID: 68024

CREDITS

Osanda Malith

Trust: 0.3

sources: BID: 68024

SOURCES

db:	CNVD	id:	CNVD-2014-03726
db:	BID	id:	68024

LAST UPDATE DATE

2022-05-17T01:51:09.900000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2014-03726	date:	2014-06-18T00:00:00
db:	BID	id:	68024	date:	2014-06-10T00:00:00

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2014-03726	date:	2014-06-18T00:00:00
db:	BID	id:	68024	date:	2014-06-10T00:00:00