CVE-2023-36355
Published: 22 June 2023
Summary
CVE-2023-36355 is a critical-severity Classic Buffer Overflow (CWE-120) vulnerability in TP-Link TL-WR940N firmware (hardware version V4). Its CVSS 3.1 base score is 9.9 (Critical).
Operationally, it ranks in the top 2.9% of all CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
TP-Link TL-WR940N V4 contains a buffer overflow (CWE-120) in the ipStart parameter of the /userRpm/WanDynamicIpV6CfgRpm endpoint of its web management interface. The flaw was disclosed on 2023-06-22 and carries a CVSS 3.1 score of 9.9, reflecting a network-accessible, low-complexity attack that requires only low privileges and no user interaction, with a changed scope and high impact to confidentiality, integrity, and availability.
An attacker holding low-privilege access to the router's web interface can submit a crafted GET request whose ipStart value exceeds the size of the buffer it is copied into, triggering the overflow and crashing the service (denial of service). The CVSS vector allows for further impact beyond a crash, but public descriptions emphasize service disruption on the wireless router.
Public references consist of exploit artifacts published on PacketStorm and write-ups on GitHub that demonstrate the out-of-bounds write. The associated EPSS score peaked at 0.4295 and currently stands at 0.3434, indicating a material rise in exploitation interest after disclosure.
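As an added illustration of the weakness class, and not code recovered from the TL-WR940N firmware (the actual root cause is not described publicly beyond the parameter and endpoint): a hypothetical handler for the ipStart parameter that copies the value into a fixed-size buffer with no length check, beside a hardened form that validates length and character set before copying. The struct, the 46-byte field size (INET6_ADDRSTRLEN), the query-string parser and the sample requests are all assumptions constructed for this example.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical config record for the WAN IPv6 page; field name and size are
 * assumptions for illustration, not recovered from the TL-WR940N firmware. */
#define IPV6_TEXT_MAX 46 /* INET6_ADDRSTRLEN: longest textual IPv6 address plus NUL */
struct wan_v6_cfg {
    char ip_start[IPV6_TEXT_MAX];
};

/* Locate the value of parameter `name` in a raw query string such as
 * "ipStart=2001:db8::1&ipEnd=...". Returns a pointer to the (not NUL-terminated)
 * value and stores its length in *len, or returns NULL if the name is absent. */
static const char *query_value(const char *query, const char *name, size_t *len)
{
    size_t nlen = strlen(name);
    const char *p = query;
    while (p && *p) {
        const char *amp = strchr(p, '&');
        size_t plen = amp ? (size_t)(amp - p) : strlen(p);
        if (plen > nlen && strncmp(p, name, nlen) == 0 && p[nlen] == '=') {
            *len = plen - nlen - 1;
            return p + nlen + 1;
        }
        p = amp ? amp + 1 : NULL;
    }
    return NULL;
}

/* CWE-120 pattern: the attacker-controlled value is copied into a fixed-size
 * buffer with no length check. A value of IPV6_TEXT_MAX bytes or more writes
 * past the end of cfg->ip_start. Kept here for contrast; never call it with
 * untrusted input. */
static bool handle_vulnerable(const char *query, struct wan_v6_cfg *cfg)
{
    size_t len;
    const char *val = query_value(query, "ipStart", &len);
    if (!val)
        return false;
    memcpy(cfg->ip_start, val, len); /* unbounded: overflow when len >= sizeof cfg->ip_start */
    cfg->ip_start[len] = '\0';
    return true;
}

/* The bound check the vulnerable handler is missing, isolated so the
 * condition can be tested without actually performing the overflow. */
static bool would_overflow(const char *query)
{
    size_t len;
    const char *val = query_value(query, "ipStart", &len);
    return val != NULL && len + 1 > IPV6_TEXT_MAX;
}

/* Hardened form: reject absent, empty, over-long or non-address values before
 * any copy happens, so the buffer bound is enforced by input validation rather
 * than trusted from the client. */
static bool handle_hardened(const char *query, struct wan_v6_cfg *cfg)
{
    size_t len;
    const char *val = query_value(query, "ipStart", &len);
    if (!val || len == 0 || len >= sizeof cfg->ip_start)
        return false;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)val[i];
        if (!isxdigit(c) && c != ':' && c != '.') /* textual IPv6, incl. v4-mapped */
            return false;
    }
    memcpy(cfg->ip_start, val, len);
    cfg->ip_start[len] = '\0';
    return true;
}

/* Wrapper that exposes the hardened handler's decision as a return value. */
static bool hardened_accepts(const char *query)
{
    struct wan_v6_cfg cfg;
    return handle_hardened(query, &cfg);
}

/* Constructed over-long request (not a captured exploit): "ipStart=" followed
 * by value_len 'a' characters, capped so it always fits the static buffer. */
static const char *overlong_query(size_t value_len)
{
    static char buf[512];
    const char prefix[] = "ipStart=";
    if (value_len > sizeof buf - sizeof prefix)
        value_len = sizeof buf - sizeof prefix;
    memcpy(buf, prefix, sizeof prefix - 1);
    memset(buf + sizeof prefix - 1, 'a', value_len);
    buf[sizeof prefix - 1 + value_len] = '\0';
    return buf;
}

int main(void)
{
    struct wan_v6_cfg cfg;
    const char *good = "ipStart=2001:db8::1&ipEnd=2001:db8::ff";
    printf("vulnerable handler, benign input: %d (%s)\n", handle_vulnerable(good, &cfg), cfg.ip_start);
    printf("300-byte value would overflow the 46-byte field: %d\n", would_overflow(overlong_query(300)));
    printf("hardened handler rejects it: %d\n", !hardened_accepts(overlong_query(300)));
    return 0;
}
```

The hardened handler only demonstrates the bound and character-set checks; a production fix would additionally parse the value with inet_pton() so that syntactically invalid addresses are rejected as well, and would apply the same treatment to every other parameter copied from the request.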
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-40323
Vulnerability details
TP-Link TL-WR940N V4 was discovered to contain a buffer overflow via the ipStart parameter at /userRpm/WanDynamicIpV6CfgRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.
- CWE(s): CWE-120 (Classic Buffer Overflow)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
Likely mitigating controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness type (CWE-120) cited in the NVD entry.
- Use a memory-safe or managed language for new code where the platform allows it: bounds-checked buffer operations remove the unchecked native copy that is the root cause of classic buffer overflows. For existing native firmware that cannot be rewritten, the practical equivalent is to bound every copy of request data to the destination size and reject over-long parameter values before copying.
- Since exploitation requires low-privilege access to the /userRpm/ management interface, restrict that interface to trusted hosts on the LAN, do not expose it to the WAN, and replace default administrator credentials; check the vendor for updated firmware for the V4 hardware.