CVE-2022-25060
Published on: Not Yet Published
Last Modified on: 08/08/2023 02:21:00 PM UTC
Certain versions of Tl-wr840n from Tp-link contain the following vulnerability:
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain a command injection vulnerability via the component oal_startPing.
- CVE-2022-25060 has been assigned by
[email protected] to track the vulnerability - currently rated as CRITICAL severity.
CVSS3 Score: 9.8 - CRITICAL
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
NETWORK | LOW | NONE | NONE |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | HIGH | HIGH | HIGH |
CVSS2 Score: 10 - HIGH
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | LOW | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
COMPLETE | COMPLETE | COMPLETE |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
Captcha | web.archive.org text/html Inactive LinkNot Archived |
![]() |
Notion – The all-in-one workspace for your notes, tasks, wikis, and databases. | east-trowel-102.notion.site text/html |
![]() |
WiFi Networking Equipment for Home & Business | TP-Link | tp-link.com text/html |
![]() |
There are currently no QIDs associated with this CVE
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Hardware
| Tp-link | Tl-wr840n | - | All | All | All |
Operating System | Tp-link | Tl-wr840n Firmware | 6.20_180709 | All | All | All |
- cpe:2.3:h:tp-link:tl-wr840n:-:*:*:*:*:*:*:*:
- cpe:2.3:o:tp-link:tl-wr840n_firmware:6.20_180709:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE
Social Mentions
Source | Title | Posted (UTC) |
---|---|---|
![]() |
Severity: ??? | TP-LINK TL-WR840N(ES)_V6.20_180709 was d... | CVE-2022-25060 | Link for more: alerts.remotelyrmm.com/CVE-2022-25060 | 2022-03-09 16:05:14 |