CVE-2020-9375
30Vexday Risk Score
No sign of exploitation. It has a public proof of concept.
ssvc Attendepss 28%
from disclosure to weapon0 days
Published on NVDMar 25
1st PoCMar 25
exploitation probability
28%top 2% of all CVEs
observed exploitation
nono source reports it
3 public exploit(s)
TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attackers to cause a denial of service via a crafted HTTP Header containing an unexpected Referer field.
Affected products
n/a · n/apublic PoCs found — 3
githubgithub.com/thewhiteh4t/cve-2020-9375★ 20cve_referencepacketstormsecurity.com/files/156928/TP-Link-Archer-C50-V3-Denial-of-Service.htmlunverifiedexploitdbwww.exploit-db.com/exploits/48255unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://packetstormsecurity.com/files/156928/TP-Link-Archer-C50-V3-Denial-of-Service.htmlhttps://thewhiteh4t.github.io/2020/02/27/CVE-2020-9375-TP-Link-Archer-C50-v3-Denial-of-Service.htmlhttps://thewhiteh4t.github.io/blog/cve-2020-9375-tplink/https://www.tp-link.com/in/support/download/archer-c50/v3/#Firmware