This issue is rated as critical due to the fact that a remote attacker can exploit this vulnerability and take control of an affected device. TL-WR840N(ES)_V6.20_180709 also contains a privilege escalation vulnerability. TL-WR840N(ES)_V6.20_180709 contains an information disclosure vulnerability via the function oal_wan6_sendMessage. TL-WR840N(ES)_V6.20_180709 contains an information disclosure vulnerability via the function oal_wan6_getStats. TL-WR840N(ES)_V6.20_180709 contains an information disclosure vulnerability via the function oal_wan6_sendMessage. TL-WR840N(ES)_V6.20_180709 contains an information disclosure vulnerability via the function oal_wan6_getStats. TL-WR840N(ES)_V6.20_180709 contains an information disclosure vulnerability via the function oal_wan6_sendMsg. TL-WR840N(ES)_V6.20_180709 contains an information disclosure vulnerability via the function oal_wan6_getStats. TL-WR840N(ES)_V6.20_180709 contains an information disclosure vulnerability via the function oal_wan6_sendMsg. TL-WR840N(ES)_V6.20_180709 contains an information disclosure

Vulnerable Versions

Only devices with firmware version 6.20 and lower are vulnerable to the critical vulnerabilities addressed in this advisory.

Timeline

Published on: 02/25/2022 20:15:00 UTC
Last modified on: 03/08/2022 20:51:00 UTC

References