CVE-2022-26988

TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MntAte` function. Local users could get remote code execution.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:tp-link:tl-wdr7660_firmware:2.0.30:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-wdr7660:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:tp-link:tl-wdr7661_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-wdr7661:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:tp-link:tl-wdr7620_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-wdr7620:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:tp-link:tl-wdr5660_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-wdr5660:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:mercusys:mercury_d196g_firmware:20200109_2.0.4:*:*:*:*:*:*:*
cpe:2.3:h:mercusys:mercury_d196g:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:fastcom:fac1900r_firmware:20190827_2.0.2:*:*:*:*:*:*:*
cpe:2.3:h:fastcom:fac1900r:-:*:*:*:*:*:*:*

History

21 Nov 2024, 06:54

Type Values Removed Values Added
References () http://tp-link.com - Vendor Advisory () http://tp-link.com - Vendor Advisory
References () https://drive.google.com/file/d/1J1KzojrMCq-MrV0HqkWiu17MIXGhRuUH/view?usp=sharing - Exploit, Third Party Advisory () https://drive.google.com/file/d/1J1KzojrMCq-MrV0HqkWiu17MIXGhRuUH/view?usp=sharing - Exploit, Third Party Advisory
References () https://github.com/GANGE666 - Third Party Advisory () https://github.com/GANGE666 - Third Party Advisory

16 May 2022, 16:51

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : 7.2
v3 : 7.8
References (MISC) https://drive.google.com/file/d/1J1KzojrMCq-MrV0HqkWiu17MIXGhRuUH/view?usp=sharing - (MISC) https://drive.google.com/file/d/1J1KzojrMCq-MrV0HqkWiu17MIXGhRuUH/view?usp=sharing - Exploit, Third Party Advisory
References (MISC) http://tp-link.com - (MISC) http://tp-link.com - Vendor Advisory
References (MISC) https://github.com/GANGE666 - (MISC) https://github.com/GANGE666 - Third Party Advisory
CWE CWE-787
CPE cpe:2.3:h:fastcom:fac1900r:-:*:*:*:*:*:*:*
cpe:2.3:o:mercusys:mercury_d196g_firmware:20200109_2.0.4:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:tl-wdr7620_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:tl-wdr5660_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-wdr5660:-:*:*:*:*:*:*:*
cpe:2.3:h:mercusys:mercury_d196g:-:*:*:*:*:*:*:*
cpe:2.3:o:fastcom:fac1900r_firmware:20190827_2.0.2:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:tl-wdr7661_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-wdr7661:-:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:tl-wdr7660_firmware:2.0.30:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-wdr7620:-:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:tl-wdr7660:-:*:*:*:*:*:*:*

10 May 2022, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-05-10 15:15

Updated : 2024-11-21 06:54


NVD link : CVE-2022-26988

Mitre link : CVE-2022-26988

CVE.ORG link : CVE-2022-26988


JSON object : View

Products Affected

mercusys

  • mercury_d196g_firmware
  • mercury_d196g

tp-link

  • tl-wdr7660
  • tl-wdr7620_firmware
  • tl-wdr7620
  • tl-wdr7661
  • tl-wdr5660
  • tl-wdr7661_firmware
  • tl-wdr5660_firmware
  • tl-wdr7660_firmware

fastcom

  • fac1900r
  • fac1900r_firmware
CWE
CWE-787

Out-of-bounds Write