CVE-2022-24010

CRITICAL

TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14 - Buffer Overflow

Title source: llm

Description

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the cwmpd binary.

References (1)

[Exploit, Technical Description, Third Party Advisory] https://talosintelligence.com/vulnerability_reports/TALOS-2022-1463

Scores

CVSS v3 9.8

EPSS 0.0057

EPSS Percentile 68.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Classification

CWE

CWE-120

Status published

Affected Products (1)

tcl/linkhub_mesh_wifi_ac1200

Timeline

Published Aug 05, 2022

Tracked Since Feb 18, 2026