Exposed Dangerous Method or Function

CVE-2023-49074

High

7.4/10

Summary

A denial of service vulnerability exists in the TDDP functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted series of network requests can lead to reset to factory settings. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability.

Attack Complexity: HIGH
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: HIGH

CWE-749 - Exposed Dangerous Method or Function

The software provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted.

References

Advisory Timeline

Published Apr 09, 2024

Exposed Dangerous Method or Function

CVE-2023-49074

Summary

CWE-749 - Exposed Dangerous Method or Function

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS