Main Vulnerability Database Exploits ID:5120 - Exploit for Buffer overflow in TL-WR841N - CVE-2019-17147

ID:5120 - Exploit for Buffer overflow in TL-WR841N - CVE-2019-17147

Published: February 6, 2021

Vulnerability identifier: #VU23056

Vulnerability risk: Low

CVE-ID: CVE-2019-17147

CWE-ID: CWE-119

Exploitation vector: Adjecent network

Vulnerable software:
TL-WR841N

Link to public exploit:

https://srcincite.io/pocs/cve-2019-17147.py.txt

Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to improper bounds checking by the "http_parser_main" function in the web service. A remote attacker on the local network can send a specially crafted HTTP Host request header, trigger memory corruption and execute arbitrary code in the context of the admin user.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install updates from vendor's website.

ID:5120 - Exploit for Buffer overflow in TL-WR841N - CVE-2019-17147

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human