cnvd - cnvd-2024-49643

cnvd-2024-49643

Vulnerability from cnvd

Title: TP-LINK VN020缓冲区溢出漏洞

Description:

TP-LINK VN020是中国普联（TP-LINK）公司的一款无线调制解调器。

TP-Link VN020 F3v(T) TT_V6.2.1021版本存在安全漏洞，该漏洞源于组件SOAP请求处理程序中，参数NewConnectionType存在缓冲区溢出。攻击者可利用该漏洞导致缓冲区溢出或堆溢出等。

Severity: 中

Formal description:

厂商尚未发布漏洞修复程序，请及时关注更新： https://www.tp-link.com/

Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-12343

Impacted products

Name
TP-LINK VN020 F3v(T) TT_V6.2.1021

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-12343",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-12343"
    }
  },
  "description": "TP-LINK VN020\u662f\u4e2d\u56fd\u666e\u8054\uff08TP-LINK\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u65e0\u7ebf\u8c03\u5236\u89e3\u8c03\u5668\u3002\n\nTP-Link VN020 F3v(T) TT_V6.2.1021\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7ec4\u4ef6SOAP\u8bf7\u6c42\u5904\u7406\u7a0b\u5e8f\u4e2d\uff0c\u53c2\u6570NewConnectionType\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7f13\u51b2\u533a\u6ea2\u51fa\u6216\u5806\u6ea2\u51fa\u7b49\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.tp-link.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-49643",
  "openTime": "2024-12-31",
  "products": {
    "product": "TP-LINK VN020 F3v(T) TT_V6.2.1021"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2024-12343",
  "serverity": "\u4e2d",
  "submitTime": "2024-12-13",
  "title": "TP-LINK VN020\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

CVE-2024-12343 (GCVE-0-2024-12343)

Vulnerability from cvelistv5

Published

2024-12-08 09:31

Modified

2024-12-09 15:50

Severity ?

7.1 (High) - CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
6.5 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
6.5 (Medium) - CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-120 - Buffer Overflow
CWE-119 - Memory Corruption

Summary

A vulnerability classified as critical has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected is an unknown function of the file /control/WANIPConnection of the component SOAP Request Handler. The manipulation of the argument NewConnectionType leads to buffer overflow. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used.

References

▼	URL	Tags
	https://vuldb.com/?id.287262	vdb-entry, technical-description
	https://vuldb.com/?ctiid.287262	signature, permissions-required
	https://vuldb.com/?submit.446212	third-party-advisory
	https://github.com/Zephkek/TP-WANPunch/blob/main/README.md	exploit
	https://www.tp-link.com/	product

Impacted products

	Vendor	Product	Version
	TP-Link	VN020 F3v(T)	Version: TT_V6.2.1021

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-12343",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-09T15:50:16.645162Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-09T15:50:37.719Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "SOAP Request Handler"
          ],
          "product": "VN020 F3v(T)",
          "vendor": "TP-Link",
          "versions": [
            {
              "status": "affected",
              "version": "TT_V6.2.1021"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Mohamed Maatallah (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability classified as critical has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected is an unknown function of the file /control/WANIPConnection of the component SOAP Request Handler. The manipulation of the argument NewConnectionType leads to buffer overflow. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used."
        },
        {
          "lang": "de",
          "value": "Es wurde eine kritische Schwachstelle in TP-Link VN020 F3v(T) TT_V6.2.1021 entdeckt. Es geht dabei um eine nicht klar definierte Funktion der Datei /control/WANIPConnection der Komponente SOAP Request Handler. Durch Manipulieren des Arguments NewConnectionType mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann im lokalen Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 6.1,
            "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "Memory Corruption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-08T09:31:05.401Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-287262 | TP-Link VN020 F3v(T) SOAP Request WANIPConnection buffer overflow",
          "tags": [
            "vdb-entry",
            "technical-description"
          ],
          "url": "https://vuldb.com/?id.287262"
        },
        {
          "name": "VDB-287262 | CTI Indicators (IOB, IOC, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.287262"
        },
        {
          "name": "Submit #446212 | TP-Link VN020 F3v(T) ISP Routers Hardware Version: 1.0 /  Firmware Version: TT_V6.2.1021  Memory Corruption \u0026 DOS",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.446212"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://github.com/Zephkek/TP-WANPunch/blob/main/README.md"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://www.tp-link.com/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-12-07T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2024-12-07T01:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2024-12-07T17:36:40.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "TP-Link VN020 F3v(T) SOAP Request WANIPConnection buffer overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2024-12343",
    "datePublished": "2024-12-08T09:31:05.401Z",
    "dateReserved": "2024-12-07T16:30:19.395Z",
    "dateUpdated": "2024-12-09T15:50:37.719Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted