Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-22733

TP Link MR200 V4 Firmware version 210201 was discovered to contain a null-pointer-dereference in the web administration panel on /cgi/login via the sign, Action or LoginStatus query parameters which could lead to a denial of service by a local or remote unauthenticated attacker.

Published

2024-11-01T16:15:08.077

Last Modified

2024-11-05T21:35:05.440

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
CWE-476
Type: Secondary
CWE-476

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	tp-link	mr200_firmware	210201	Yes
Hardware	tp-link	mr200	4	No

References

https://lenoctambule.dev/post/dos-on-tp-link-web-admin-panel Exploit, Third Party Advisory ([email protected])