CVE-2022-25062

HIGH

Tp-link Tl-wr840n Firmware - Integer Overflow

Title source: rule

Description

TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.

Exploits (1)

nomisec WORKING POC

by exploitwritter · poc

https://github.com/exploitwritter/CVE-2022-25062

View Code ZIP pw:eip

References (3)

Core 3

Core References

Product x_refsource_misc

http://tp-link.com

Not Applicable, URL Repurposed x_refsource_misc

http://router.com

Third Party Advisory x_refsource_misc

https://east-trowel-102.notion.site/CVE-2021-XXXX-RCE-Integer-Overflow-via-crafted-payload-in-an-DNS-input-field-userDomain-EN-2bc0fafd23224a5a8f86f5f0f9377d3d

Scores

CVSS v3 7.5

EPSS 0.2896

EPSS Percentile 96.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-190

Status published

Products (1)

tp-link/tl-wr840n_firmware 6.20_180709

Published Feb 25, 2022

Tracked Since Feb 18, 2026