CVE-2022-46910

Published Dec 20, 2022

Last updated a year ago

CVSS high 8.8

Overview

Description: An issue in the firmware update process of TP-Link TL-WA901ND V1 up to v3.11.2 and TL-WA901N V2 up to v3.12.16 allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via uploading a crafted firmware image.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 8.8
Impact score: 5.9
Exploitability score: 2.8
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:tp-link:tl-wa901n_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B81EDABD-DC22-4B47-B66D-94CE4B28B078",
            "versionEndIncluding": "3.11.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:tp-link:tl-wa901n:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6A34A828-66A6-4C7A-A38B-8B7191B9D7C1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:tp-link:tl-wa901nd_v1_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E1836A43-2987-47E9-81B6-3E0CDDA20BFA",
            "versionEndIncluding": "3.11.2"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:tp-link:tl-wa901nd_v1:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6DFDAF93-DAFA-461D-A98F-593A18C837AA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:tp-link:tl-wa901n_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "62FEFABB-23F1-40AC-B2B1-35E679424D29",
            "versionEndIncluding": "3.12.16",
            "versionStartIncluding": "3.12.0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:tp-link:tl-wa901n:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "6A34A828-66A6-4C7A-A38B-8B7191B9D7C1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:tp-link:tl-wa901nd_v2_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA588115-5435-4AD3-8D0E-5B9E0F4130D4",
            "versionEndIncluding": "3.12.16"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:tp-link:tl-wa901nd_v2:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B98201EF-F611-4CED-B990-024CBA4E3807"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References