CVE-2023-30307

MEDIUM

TP-LINK TL-R473GP-AC, XDR6020, TL-R479GP-AC, TL-R4239G, TL-WAR1200L, TL-R476G - TCP Session Hijacking

Title source: llm

Description

An issue discovered in TP-LINK TL-R473GP-AC, TP-LINK XDR6020, TP-LINK TL-R479GP-AC, TP-LINK TL-R4239G, TP-LINK TL-WAR1200L, and TP-LINK TL-R476G routers allows attackers to hijack TCP sessions which could lead to a denial of service.

References (1)

Core 1

Core References

Various Sources

https://www.ndss-symposium.org/ndss-paper/exploiting-sequence-number-leakage-tcp-hijacking-in-nat-enabled-wi-fi-networks/

Scores

CVSS v3 5.3

EPSS 0.0036

EPSS Percentile 27.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-384

Status published

Published May 28, 2024

Tracked Since Feb 18, 2026