Multiple vulnerabilities in TP-Link TL-WR940N



Published: 2022-11-24
Risk Medium
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2022-43636
CVE-2022-43635
CWE-ID CWE-330
CWE-303
Exploitation vector Local network
Public exploit N/A
Vulnerable software
Subscribe
TL-WR940N
Hardware solutions / Routers for home users

Vendor

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Use of insufficiently random values

EUVDB-ID: #VU69569

Risk: Medium

CVSSv3.1:

CVE-ID: CVE-2022-43636

CWE-ID: CWE-330 - Use of Insufficiently Random Values

Exploit availability: No

Description

The vulnerability allows a remote attacker to bypass authentication process.

The vulnerability exists due to the lack of sufficient randomness in the sequnce numbers used for session managment within the httpd service. A remote attacker on the local network can bypass authentication process and gain unauthorized access to the application.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

TL-WR940N: before 6_3.20.1 Build 220801

before 6_3.20.1 Build 220801
CPE2.3 External links

http://www.zerodayinitiative.com/advisories/ZDI-22-1614/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Incorrect Implementation of Authentication Algorithm

EUVDB-ID: #VU69570

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2022-43635

CWE-ID: CWE-303 - Incorrect Implementation of Authentication Algorithm

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the incorrect implementation of the authentication algorithm within the httpd service. A remote attacker on the local network can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

TL-WR940N: before 6_3.20.1 Build 220801

before 6_3.20.1 Build 220801
CPE2.3 External links

http://www.zerodayinitiative.com/advisories/ZDI-22-1615/

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###