CVE-2024-11237

HIGH

TP-Link VN020 F3v(T) TT_V6.2.1021 - Stack-Based Buffer Overflow in DHCP DISCOVER Packet Parser

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-11237. PoCs published by Mohamed Maatallah.

AI-analyzed exploit summary This exploit targets a DHCP stack buffer overflow in TP-Link VN020 F3v(T) routers (TT_V6.2.1021). It crafts a malicious DHCP DISCOVER packet with an oversized hostname (127 bytes) to trigger a stack overflow, leading to a denial-of-service (DoS) condition.

Description

A vulnerability, which was classified as critical, has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected by this issue is some unknown functionality of the component DHCP DISCOVER Packet Parser. The manipulation of the argument hostname leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Exploits (1)

exploitdb WORKING POC

by Mohamed Maatallah · clocalmultiple

https://www.exploit-db.com/exploits/52292

View Code ZIP pw:eip

This exploit targets a DHCP stack buffer overflow in TP-Link VN020 F3v(T) routers (TT_V6.2.1021). It crafts a malicious DHCP DISCOVER packet with an oversized hostname (127 bytes) to trigger a stack overflow, leading to a denial-of-service (DoS) condition.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: TP-Link VN020 F3v(T) Router (Firmware TT_V6.2.1021)

No auth needed

Prerequisites: Network access to the target router's DHCP service (UDP port 67) · Ability to send broadcast packets

MITRE ATT&CK