CVE-2022-25073
Published: 24 February 2022
Summary
CVE-2022-25073 is a critical-severity Out-of-bounds Write (CWE-787) vulnerability in Tp-Link Tl-Wr841N Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 9.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
CVE-2022-25073 is a stack-based buffer overflow (CWE-787) in the dm_fillObjByStr function of the TP-Link TL-WR841Nv14_US_0.9.1_4.18 firmware. The affected component is the web management interface of this consumer wireless router model, which processes attacker-supplied input without adequate bounds checking.
The vulnerability can be exploited by unauthenticated remote attackers over the network. With a CVSS 3.1 score of 9.8, successful exploitation grants arbitrary code execution with full read, write, and control over the device, enabling complete compromise without user interaction.
Public references consist of proof-of-concept repositories that demonstrate the flaw but contain no vendor advisory, firmware patch details, or mitigation guidance. The EPSS score has remained flat at 0.0538 with no material increase since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-29817
Vulnerability details
TL-WR841Nv14_US_0.9.1_4.18 routers were discovered to contain a stack overflow in the function dm_fillObjByStr(). This vulnerability allows unauthenticated attackers to execute arbitrary code.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.