TP-Link TL-WR740N ARP resource consumption

A vulnerability classified as problematic has been found in TP-Link TL-WR740N. Affected is an unknown function of the component ARP Handler. The manipulation leads to resource consumption. Using CWE to declare the problem leads to CWE-400. The weakness was disclosed 12/06/2022. The advisory is shared for download at youtube.com. This vulnerability is traded as CVE-2022-4296. The attack needs to be done within the local network. There are no technical details available. Furthermore, there is an exploit available. The exploit has been disclosed to the public and may be used. The current price for an exploit might be approx. USD $0-$5k at the moment. It is declared as proof-of-concept. The exploit is shared for download at youtube.com. As 0-day the estimated underground price was around $0-$5k. It is recommended to apply restrictive firewalling. A possible mitigation has been published before and not just after the disclosure of the vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

126

Field

source_cve_nvd_summary1
source_cve_assigned1
source_videolink1
exploit_price_0day1
vulnerability_cvss3_meta_tempscore1

Commit Conf

90%32
50%9
70%2
100%1

Approve Conf

90%32
80%9
70%2
100%1
IDCommitedUserFieldChangeRemarksAcceptedStatusC
1344366012/26/2022VulD...cve_nvd_summaryA vulnerability classified as problematic has been found in TP-Link TL-WR740N. Affected is an unknown function of the component ARP Handler. The manipulation leads to resource consumption. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-214812.cve.mitre.org12/26/2022accepted
70
1344365912/26/2022VulD...cve_assigned1670281200 (12/06/2022)cve.mitre.org12/26/2022accepted
70
1333874612/06/2022VulD...videolinkhttps://www.youtube.com/watch?v=D--fb-cesmA12/06/2022accepted
100
1333874512/06/2022VulD...price_0day$0-$5ksee exploit price documentation12/06/2022accepted
90
1333874412/06/2022VulD...cvss3_meta_tempscore5.7see CVSS documentation12/06/2022accepted
90
1333874312/06/2022VulD...cvss3_meta_basescore6.5see CVSS documentation12/06/2022accepted
90
1333874212/06/2022VulD...cvss3_vuldb_tempscore5.7see CVSS documentation12/06/2022accepted
90
1333874112/06/2022VulD...cvss3_vuldb_basescore6.5see CVSS documentation12/06/2022accepted
90
1333874012/06/2022VulD...cvss2_vuldb_tempscore5.0see CVSS documentation12/06/2022accepted
90
1333873912/06/2022VulD...cvss2_vuldb_basescore6.1see CVSS documentation12/06/2022accepted
90
1333873812/06/2022VulD...cvss2_vuldb_rlWderived from vuldb v3 vector12/06/2022accepted
80
1333873712/06/2022VulD...cvss2_vuldb_rcURderived from vuldb v3 vector12/06/2022accepted
80
1333873612/06/2022VulD...cvss2_vuldb_ePOCderived from vuldb v3 vector12/06/2022accepted
80
1333873512/06/2022VulD...cvss2_vuldb_aiCderived from vuldb v3 vector12/06/2022accepted
80
1333873412/06/2022VulD...cvss2_vuldb_iiNderived from vuldb v3 vector12/06/2022accepted
80
1333873312/06/2022VulD...cvss2_vuldb_ciNderived from vuldb v3 vector12/06/2022accepted
80
1333873212/06/2022VulD...cvss2_vuldb_auNderived from vuldb v3 vector12/06/2022accepted
80
1333873112/06/2022VulD...cvss2_vuldb_acLderived from vuldb v3 vector12/06/2022accepted
80
1333873012/06/2022VulD...cvss2_vuldb_avAderived from vuldb v3 vector12/06/2022accepted
80
1333872912/06/2022VulD...typeRouter Operating System12/06/2022accepted
90

24 more entries are not shown

Do you want to use VulDB in your project?

Use the official API to access entries easily!