CVE-2024-12342

MEDIUM

TP-Link VN020 F3v(T) TT_V6.2.1021 - DoS

Title source: llm

Description

A vulnerability was found in TP-Link VN020 F3v(T) TT_V6.2.1021. It has been rated as critical. This issue affects some unknown processing of the file /control/WANIPConnection of the component Incomplete SOAP Request Handler. The manipulation leads to denial of service. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used.

Exploits (2)

exploitdb WORKING POC

by Mohamed Maatallah · textremotemultiple

https://www.exploit-db.com/exploits/52250

View Code ZIP pw:eip

nomisec WORKING POC

by becrevex · poc

https://github.com/becrevex/TPLink-VN020-DoS

View Code ZIP pw:eip

References (4)

[Various Sources] https://github.com/Zephkek/TP-WANPunch/blob/main/README.md

[Various Sources] https://www.tp-link.com/

[Permissions Required, VDB Entry] https://vuldb.com/?ctiid.287261

[Permissions Required, VDB Entry] https://vuldb.com/?id.287261

Scores

CVSS v3 6.5

EPSS 0.0605

EPSS Percentile 90.8%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-404

Status published

Products (1)

TP-Link/VN020 F3v(T) TT_V6.2.1021

Published Dec 08, 2024

Tracked Since Feb 18, 2026