Mohamed Maatallah

7 exploits Active since Nov 2024
CVE-2024-11237 WRITEUP HIGH WORKING POC
TP-Link VN020 F3v(T) TT_V6.2.1021 - Stack-Based Buffer Overflow in DHCP DISCOVER Packet Parser
A vulnerability, which was classified as critical, has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected by this issue is some unknown functionality of the component DHCP DISCOVER Packet Parser. The manipulation of the argument hostname leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 7.5
CVE-2025-5105 WRITEUP HIGH WRITEUP
TOZED ZLT W51 <1.4.2 - Use After Free
A vulnerability was found in TOZED ZLT W51 up to 1.4.2 and classified as critical. Affected by this issue is some unknown functionality of the component Service Port 7777. The manipulation leads to improper clearing of heap memory before release. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 7.3
CVE-2025-47268 WRITEUP MEDIUM WORKING POC
iputils < 20250602 - Denial of Service via Crafted ICMP Echo Reply Packet
ping in iputils before 20250602 allows a denial of service (application error or incorrect data collection) via a crafted ICMP Echo Reply packet, because of a signed 64-bit integer overflow in timestamp multiplication.
CVSS 6.5
CVE-2025-5105 WRITEUP HIGH WRITEUP
TOZED ZLT W51 <1.4.2 - Use After Free
A vulnerability was found in TOZED ZLT W51 up to 1.4.2 and classified as critical. Affected by this issue is some unknown functionality of the component Service Port 7777. The manipulation leads to improper clearing of heap memory before release. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 7.3
CVE-2024-12342 EXPLOITDB MEDIUM text WORKING POC
TP-Link VN020 F3v(T) TT_V6.2.1021 - DoS
A vulnerability was found in TP-Link VN020 F3v(T) TT_V6.2.1021. It has been rated as critical. This issue affects some unknown processing of the file /control/WANIPConnection of the component Incomplete SOAP Request Handler. The manipulation leads to denial of service. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used.
CVSS 6.5
CVE-2024-12344 EXPLOITDB MEDIUM c WORKING POC
TP-Link VN020 F3v(T) TT_V6.2.1021 - Memory Corruption via FTP USER Command Handler
A vulnerability, which was classified as critical, was found in TP-Link VN020 F3v(T) TT_V6.2.1021. This affects an unknown part of the component FTP USER Command Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVSS 6.3
CVE-2024-11237 EXPLOITDB HIGH c WORKING POC
TP-Link VN020 F3v(T) TT_V6.2.1021 - Stack-Based Buffer Overflow in DHCP DISCOVER Packet Parser
A vulnerability, which was classified as critical, has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected by this issue is some unknown functionality of the component DHCP DISCOVER Packet Parser. The manipulation of the argument hostname leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS 7.5