ByteOS Network

Vulnerability Details :

CVE-2022-43636

Assigner-zdi

Assigner Org ID-99f1926a-a320-47d8-bbb5-42feb611262e

Published At-29 Mar, 2023 | 00:00

Updated At-12 Feb, 2025 | 17:41

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link TL-WR940N 6_211111 3.20.1(US) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of sufficient randomness in the sequnce numbers used for session managment. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-18334.

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

▼Common Vulnerabilities and Exposures (CVE)

cve.org

Assigner:zdi

Assigner Org ID:99f1926a-a320-47d8-bbb5-42feb611262e

Published At:29 Mar, 2023 | 00:00

Updated At:12 Feb, 2025 | 17:41

▼CVE Numbering Authority (CNA)

Affected Products

Vendor

TP-Link Systems Inc.

Product

TL-WR940N

Versions

Affected

6_211111 3.20.1(US)

Problem Types

Type	CWE ID	Description
CWE	CWE-330	CWE-330: Use of Insufficiently Random Values

Type: CWE

CWE ID: CWE-330

Description: CWE-330: Use of Insufficiently Random Values

Metrics

Version	Base score	Base severity	Vector
3.0	7.5	HIGH	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Version: 3.0

Base score: 7.5

Base severity: HIGH

Vector:

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Credits

ExLuck

References

Hyperlink	Resource
https://www.zerodayinitiative.com/advisories/ZDI-22-1614/	N/A

Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-22-1614/

Resource: N/A

▼Authorized Data Publishers (ADP)

1. CVE Program Container

References

Hyperlink	Resource
https://www.zerodayinitiative.com/advisories/ZDI-22-1614/	x_transferred

Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-22-1614/

Resource:

x_transferred

2. CISA ADP Vulnrichment

Metrics Other Info

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:zdi-disclosures@trendmicro.com

Published At:29 Mar, 2023 | 19:15

Updated At:07 Apr, 2023 | 14:16

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	8.8	HIGH	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Secondary	3.0	7.5	HIGH	CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Type: Primary

Version: 3.1

Base score: 8.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.0

Base score: 7.5

Base severity: HIGH

Vector:

CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CPE Matches

TP-Link Systems Inc.

>>tl-wr940n_firmware>>6_211111_3.20.1

cpe:2.3:o:tp-link:tl-wr940n_firmware:6_211111_3.20.1:*:*:*:*:*:*:*

TP-Link Systems Inc.

>>tl-wr940n>>-

cpe:2.3:h:tp-link:tl-wr940n:-:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-330	Primary	zdi-disclosures@trendmicro.com

CWE ID: CWE-330

Type: Primary

Source: zdi-disclosures@trendmicro.com

References

Hyperlink	Source	Resource
https://www.zerodayinitiative.com/advisories/ZDI-22-1614/	zdi-disclosures@trendmicro.com	Third Party Advisory VDB Entry

Hyperlink: https://www.zerodayinitiative.com/advisories/ZDI-22-1614/

Source: zdi-disclosures@trendmicro.com

Resource:

Third Party Advisory

VDB Entry

Similar CVEs

52Records found

CVE-2020-11551

Matching Score-4

Assigner-MITRE Corporation

View Details

Matching Score-4

Assigner-MITRE Corporation

CVSS Score-9.6||CRITICAL

EPSS-0.33% / 56.10%

7 Day CHG~0.00%

Published-18 May, 2020 | 15:45

Updated-04 Aug, 2024 | 11:35

An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. The administrative SOAP interface allows an unauthenticated remote write of arbitrary Wi-Fi configuration data such as authentication details (e.g., the Web-admin password), network settings, DNS settings, system administration interface configuration, etc.

Vendor-n/a NETGEAR, Inc.

Product-rbs50y_firmware srr60 srs60_firmware srs60 rbs50y srr60_firmware n/a

CWE ID-CWE-287

Improper Authentication

CWE ID-CWE-330

Use of Insufficiently Random Values

CVE-2021-26726

Matching Score-4

Assigner-Nozomi Networks Inc.

View Details

Matching Score-4

Assigner-Nozomi Networks Inc.

CVSS Score-8.8||HIGH

EPSS-1.08% / 78.33%

7 Day CHG~0.00%

Published-16 Feb, 2022 | 15:15

Updated-17 Sep, 2024 | 00:36

Remote code execution in Valmet DNA before Collection 2021

A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517, allows an attacker to execute commands with SYSTEM privileges This issue affects: Valmet DNA versions from Collection 2012 until Collection 2021.

Vendor-valmet Valmet DNA

Product-dna Valmet DNA

CWE ID-CWE-305

Authentication Bypass by Primary Weakness

CWE ID-CWE-272

Least Privilege Violation

CWE ID-CWE-209

Generation of Error Message Containing Sensitive Information

CWE ID-CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CWE ID-CWE-330

Use of Insufficiently Random Values

CVE-2022-43636

Credits

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs