CVE-2024-12342

TP-Link VN020 F3v(T) Incomplete SOAP Request WANIPConnection denial of service

CVSS 7.1 HIGHEPSS 8.9%CWE-404

A vulnerability was found in TP-Link VN020 F3v(T) TT_V6.2.1021. It has been rated as critical. This issue affects some unknown processing of the file /control/WANIPConnection of the component Incomplete SOAP Request Handler. The manipulation leads to denial of service. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used.

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Produtos afetados

TP-Link · VN020 F3v(T)

PoCs públicas encontradas — 3

githubgithub.com/becrevex/TPLink-VN020-DoS★ 0 cve_referencegithub.com/Zephkek/TP-WANPunch/blob/main/README.mdnão verificado exploitdbwww.exploit-db.com/exploits/52250não verificado

⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/Zephkek/TP-WANPunch/blob/main/README.md https://vuldb.com/?ctiid.287261 https://vuldb.com/?id.287261 https://www.tp-link.com/