Sign-up

ID

VAR-202211-1345


CVE

CVE-2022-43636


TITLE

TP-LINK TL-WR940N Security Feature Vulnerability

Trust: 1.2

sources: CNVD: CNVD-2023-32177 // CNNVD: CNNVD-202303-2523

DESCRIPTION

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link TL-WR940N 6_211111 3.20.1(US) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of sufficient randomness in the sequnce numbers used for session managment. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-18334. TP-LINK Technologies of TL-WR940N A vulnerability exists in the firmware regarding the use of insufficient random values.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. TP-LINK TL-WR940N is a wireless router made by TP-LINK in China

Trust: 2.88

sources: NVD: CVE-2022-43636 // JVNDB: JVNDB-2022-022054 // ZDI: ZDI-22-1614 // CNVD: CNVD-2023-32177 // VULMON: CVE-2022-43636

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2023-32177

AFFECTED PRODUCTS

vendor:tp linkmodel:tl-wr940nscope: - version: -

Trust: 1.5

vendor:tp linkmodel:tl-wr940nscope:eqversion:6_211111_3.20.1

Trust: 1.0

vendor:tp linkmodel:tl-wr940nscope:eqversion:tl-wr940n firmware 6 211111 3.20.1

Trust: 0.8

vendor:tp linkmodel:tl-wr940nscope:eqversion: -

Trust: 0.8

vendor:tp linkmodel:tl-wr940n 6 211111 3.20.1scope: - version: -

Trust: 0.6

sources: ZDI: ZDI-22-1614 // CNVD: CNVD-2023-32177 // JVNDB: JVNDB-2022-022054 // NVD: CVE-2022-43636

CVSS

SEVERITY

CVSSV2

CVSSV3

zdi-disclosures@trendmicro.com: CVE-2022-43636
value: HIGH

Trust: 1.0

nvd@nist.gov: CVE-2022-43636
value: HIGH

Trust: 1.0

NVD: CVE-2022-43636
value: HIGH

Trust: 0.8

ZDI: CVE-2022-43636
value: HIGH

Trust: 0.7

CNVD: CNVD-2023-32177
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202303-2523
value: HIGH

Trust: 0.6

CNVD: CNVD-2023-32177
severity: HIGH
baseScore: 8.3
vectorString: AV:A/AC:L/AU:N/C:C/I:C/A:C
accessVector: ADJACENT_NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 6.5
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

zdi-disclosures@trendmicro.com: CVE-2022-43636
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.6
impactScore: 5.9
version: 3.0

Trust: 1.0

nvd@nist.gov: CVE-2022-43636
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-43636
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

ZDI: CVE-2022-43636
baseSeverity: HIGH
baseScore: 7.5
vectorString: AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: ADJACENT
attackComplexity: HIGH
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.6
impactScore: 5.9
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-22-1614 // CNVD: CNVD-2023-32177 // JVNDB: JVNDB-2022-022054 // CNNVD: CNNVD-202303-2523 // NVD: CVE-2022-43636 // NVD: CVE-2022-43636

PROBLEMTYPE DATA

problemtype:CWE-330

Trust: 1.0

problemtype:Insufficient use of random values (CWE-330) [ others ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-022054 // NVD: CVE-2022-43636

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202303-2523

TYPE

security feature problem

Trust: 0.6

sources: CNNVD: CNNVD-202303-2523

EXTERNAL IDS

db:NVDid:CVE-2022-43636

Trust: 4.6

db:ZDIid:ZDI-22-1614

Trust: 3.8

db:JVNDBid:JVNDB-2022-022054

Trust: 0.8

db:ZDI_CANid:ZDI-CAN-18334

Trust: 0.7

db:CNVDid:CNVD-2023-32177

Trust: 0.6

db:CNNVDid:CNNVD-202303-2523

Trust: 0.6

db:VULMONid:CVE-2022-43636

Trust: 0.1

sources: ZDI: ZDI-22-1614 // CNVD: CNVD-2023-32177 // VULMON: CVE-2022-43636 // JVNDB: JVNDB-2022-022054 // CNNVD: CNNVD-202303-2523 // NVD: CVE-2022-43636

REFERENCES

url:https://www.zerodayinitiative.com/advisories/zdi-22-1614/

Trust: 3.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-43636

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-43636/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/330.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2023-32177 // VULMON: CVE-2022-43636 // JVNDB: JVNDB-2022-022054 // CNNVD: CNNVD-202303-2523 // NVD: CVE-2022-43636

CREDITS

ExLuck

Trust: 0.7

sources: ZDI: ZDI-22-1614

SOURCES

db:ZDIid:ZDI-22-1614
db:CNVDid:CNVD-2023-32177
db:VULMONid:CVE-2022-43636
db:JVNDBid:JVNDB-2022-022054
db:CNNVDid:CNNVD-202303-2523
db:NVDid:CVE-2022-43636

LAST UPDATE DATE

2024-08-14T14:24:27.072000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-22-1614date:2023-03-28T00:00:00
db:CNVDid:CNVD-2023-32177date:2023-04-27T00:00:00
db:VULMONid:CVE-2022-43636date:2023-03-30T00:00:00
db:JVNDBid:JVNDB-2022-022054date:2023-11-15T03:15:00
db:CNNVDid:CNNVD-202303-2523date:2023-04-10T00:00:00
db:NVDid:CVE-2022-43636date:2023-04-07T14:16:06.510

SOURCES RELEASE DATE

db:ZDIid:ZDI-22-1614date:2022-11-21T00:00:00
db:CNVDid:CNVD-2023-32177date:2023-04-27T00:00:00
db:VULMONid:CVE-2022-43636date:2023-03-29T00:00:00
db:JVNDBid:JVNDB-2022-022054date:2023-11-15T00:00:00
db:CNNVDid:CNNVD-202303-2523date:2023-03-29T00:00:00
db:NVDid:CVE-2022-43636date:2023-03-29T19:15:20.410