Yuxiang Yang - Security Researcher - Exploit Intelligence Platform

CVE-2024-37661 WRITEUP MEDIUM WRITEUP

Tp-link Tl-7dr5130 Firmware - Origin Validation Error

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect messages.

CVSS 6.3

View Code

CVE-2024-37662 WRITEUP MEDIUM WRITEUP

Tp-link Tl-7dr5130 Firmware - Denial of Service

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the router.

CVSS 6.3

View Code

CVE-2024-37663 WRITEUP MEDIUM WRITEUP

Redmi Router RB03 <1.0.57 - SSRF

Redmi router RB03 v1.0.57 is vulnerable to forged ICMP redirect message attacks. An attacker in the same WLAN as the victim can hijack the traffic between the victim and any remote server by sending out forged ICMP redirect messages.

CVSS 4.1

View Code

CVE-2024-37664 WRITEUP MEDIUM WRITEUP

Redmi Ax6s Firmware - Denial of Service

Redmi router RB03 v1.0.57 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the router.

CVSS 5.2

View Code