|
|
|||
| Rule General Information |
|---|
| Release Date: | 2020-01-19 | |
| Rule Name: | TP-Link TL-R600VPN Multiple Vulnerabilities Vulnerability (CVE-2018-3948) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | An exploitable denial-of-service vulnerability exists in the URI-parsing functionality of the TP-Link TL-R600VPN HTTP server. A specially crafted URL can cause the server to stop responding to requests, resulting in downtime for the management portal. An attacker can send either an unauthenticated or authenticated web request to trigger this vulnerability. | |
| Impact: | An attacker could exploit this vulnerability to cause the server to stop responding to requests, resulting in downtime for the management portal. | |
| Affected OS: | Windows, Others | |
| Reference: | https://talosintelligence.com/vulnerability_reports/TALOS-2018-0617 |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: https://www.tp-link.com/us/products/details/cat-4909_TL-R600VPN.html |