[Debug/Exploit CVE-2022-24355] TP-Link TL-WR940N Stack-based Buffer Overflow
( بِسْمِ اللَّـهِ الرَّحْمَـٰنِ الرَّحِيمِ ) (إن أحسنت فمن الله، وإن أسأت فمن نفسي والشيطان) We will try to debug and exploit CVE-2022-24355, i wanna thank my friend Sameh ( s4muii ) for his help through this exploit. It was a little bit hard because this is my first time with MIPS. The Exploit on GitHub . About the Bug TP-Link TL-WR940N router's firmware before v5_211111 is vulnerable to Stack Overflow, the vulnerability in "httpd" binary in function "httpRpmFs" and we can know that from ZDI report (https://www.zerodayinitiative.com/advisories/ZDI-22-265/) we will try to reproduce this finding in firmware "v4_160617" which will be emulated in our device because we do not have the router itself.