Vulnerability Details CVE-2024-54887
TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. This vulnerability allows an authenticated attacker to execute arbitrary code on the remote device in the context of the root user.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.3%
CVSS Severity
CVSS v3 Score 8.0
Products affected by CVE-2024-54887
-
cpe:2.3:h:tp-link:tl-wr940n:v3
-
cpe:2.3:h:tp-link:tl-wr940n:v4
-
cpe:2.3:o:tp-link:tl-wr940n_firmware:-
-
cpe:2.3:o:tp-link:tl-wr940n_firmware:3.16.9