CVE-2023-46527

CRITICAL

Tp-link Tl-wr886n Firmware - Out-of-Bounds Write

Title source: rule

Description

TP-LINK TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin and TL-WDR7660 2.0.30 was discovered to contain a stack overflow via the function bindRequestHandle.

References (3)

Core 3

Core References

Various Sources

https://github.com/Jianchun-Ding/CVE-poc-update

View Exploit ZIP pw:eip

Exploit, Third Party Advisory

https://github.com/XYIYM/Digging/blob/main/TP-LINK/TL-WR886N/13/1.md

Product

https://resource.tp-link.com.cn/pc/docCenter/showDoc?id=1676623713687165

Scores

CVSS v3 9.8

EPSS 0.0029

EPSS Percentile 52.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-787

Status published

Products (1)

tp-link/tl-wr886n_firmware 3.0.14

Published Oct 25, 2023

Tracked Since Feb 18, 2026