Cyber Resilience

CVE-2022-30024

High

Published: 14 July 2022

Published
14 July 2022
Modified
21 November 2024
KEV Added
Patch
CVSS Score v3.1 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.1230 94.0th percentile
Risk Priority 25 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2022-30024 is a high-severity Classic Buffer Overflow (CWE-120) vulnerability in Tp-Link Tl-Wr841. Its CVSS base score is 8.8 (High).

Operationally, ranked in the top 6.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

Deeper analysis

A buffer overflow vulnerability exists in the httpd daemon on TP-Link TL-WR841N V12 devices running firmware version 3.16.9, as well as several earlier hardware revisions including TL-WR841 V12 TL-WR841N(EU)_V12_160624, TL-WR841 V11 TL-WR841N(EU)_V11_160325, TL-WR841N_V11_150616, and TL-WR841 V10 TL-WR841N_V10_150310. The flaw, tracked as CWE-120, resides in the handling of GET requests directed at the System Tools page of the Wi-Fi network configuration interface.

An authenticated remote attacker can trigger the overflow by sending a crafted GET request to the affected page, resulting in arbitrary code execution on the device. The vulnerability carries a CVSS 3.1 score of 8.8, reflecting network attack vector, low attack complexity, and low privileges required.

The associated EPSS score has remained flat at 0.1230 with no material increase after disclosure. No vendor advisories or patch information are provided in the available references.

EU & UK References

Vulnerability details

A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This…

more

affects TL-WR841 V12 TL-WR841N(EU)_V12_160624 and TL-WR841 V11 TL-WR841N(EU)_V11_160325 , TL-WR841N_V11_150616 and TL-WR841 V10 TL-WR841N_V10_150310 are also affected.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

tp-link
tl-wr841 firmware
all versions
tp-link
tl-wr841n firmware
150310, 150616, 3.16.9
tp-link
tl-wr841n\(eu\) firmware
160325

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-120

Platform-independent managed code eliminates the need for unchecked native buffer copies that are the root cause of classic buffer overflows.

References