CVE-2017-13772
35Vexday Risk Score
No sign of exploitation. It has a public proof of concept.
ssvc Attendepss 53%
from disclosure to weapon0 days
Published on NVDOct 23
1st PoCOct 17
exploitation probability
53%top 1% of all CVEs
observed exploitation
nono source reports it
4 public exploit(s)
Multiple stack-based buffer overflows in TP-Link WR940N WiFi routers with hardware version 4 allow remote authenticated users to execute arbitrary code via the (1) ping_addr parameter to PingIframeRpm.htm or (2) dnsserver2 parameter to WanStaticIpV6CfgRpm.htm.
Affected products
n/a · n/apublic PoCs found — 4
cve_referencepacketstormsecurity.com/files/158999/TP-Link-WDR4300-Remote-Code-Execution.htmlunverifiedcve_referencewww.exploit-db.com/exploits/43022/unverifiedexploitdbwww.exploit-db.com/exploits/48994unverifiedexploitdbwww.exploit-db.com/exploits/43022unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.