Search

Find a vulnerability

Search criteria

    4 vulnerabilities found for vn020_f3v_firmware by tp-link

    CVE-2024-12344 (GCVE-0-2024-12344)

    Vulnerability from nvd – Published: 2024-12-08 23:00 – Updated: 2024-12-09 15:48
    VLAI
    Title
    TP-Link VN020 F3v(T) FTP USER Command memory corruption
    Summary
    A vulnerability, which was classified as critical, was found in TP-Link VN020 F3v(T) TT_V6.2.1021. This affects an unknown part of the component FTP USER Command Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    TP-Link VN020 F3v(T) Affected: TT_V6.2.1021
    Create a notification for this product.
    Credits
    Mohamed Maatallah (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12344",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-09T15:48:11.958537Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-09T15:48:32.305Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "FTP USER Command Handler"
              ],
              "product": "VN020 F3v(T)",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "TT_V6.2.1021"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Mohamed Maatallah (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability, which was classified as critical, was found in TP-Link VN020 F3v(T) TT_V6.2.1021. This affects an unknown part of the component FTP USER Command Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "Es wurde eine kritische Schwachstelle in TP-Link VN020 F3v(T) TT_V6.2.1021 gefunden. Es betrifft eine unbekannte Funktion der Komponente FTP USER Command Handler. Dank der Manipulation mit unbekannten Daten kann eine memory corruption-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "Memory Corruption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-08T23:00:16.366Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-287265 | TP-Link VN020 F3v(T) FTP USER Command memory corruption",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/?id.287265"
            },
            {
              "name": "VDB-287265 | CTI Indicators (IOB, IOC)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.287265"
            },
            {
              "name": "Submit #452658 | TP-Link VN020 F3v(T) Hardware Version: 1.0 /  Firmware Version: TT_V6.2.1021 Buffer Overflow \u0026 Memory corruption",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.452658"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/Zephkek/TP-1450"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.tp-link.com/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-12-08T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-12-08T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-12-08T08:56:48.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "TP-Link VN020 F3v(T) FTP USER Command memory corruption"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-12344",
        "datePublished": "2024-12-08T23:00:16.366Z",
        "dateReserved": "2024-12-08T07:51:44.661Z",
        "dateUpdated": "2024-12-09T15:48:32.305Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-12343 (GCVE-0-2024-12343)

    Vulnerability from nvd – Published: 2024-12-08 09:31 – Updated: 2024-12-09 15:50
    VLAI
    Title
    TP-Link VN020 F3v(T) SOAP Request WANIPConnection buffer overflow
    Summary
    A vulnerability classified as critical has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected is an unknown function of the file /control/WANIPConnection of the component SOAP Request Handler. The manipulation of the argument NewConnectionType leads to buffer overflow. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.287262 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.287262 signaturepermissions-required
    https://vuldb.com/?submit.446212 third-party-advisory
    https://github.com/Zephkek/TP-WANPunch/blob/main/… exploit
    https://www.tp-link.com/ product
    Impacted products
    Vendor Product Version
    TP-Link VN020 F3v(T) Affected: TT_V6.2.1021
    Create a notification for this product.
    Credits
    Mohamed Maatallah (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12343",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-09T15:50:16.645162Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-09T15:50:37.719Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "SOAP Request Handler"
              ],
              "product": "VN020 F3v(T)",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "TT_V6.2.1021"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Mohamed Maatallah (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability classified as critical has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected is an unknown function of the file /control/WANIPConnection of the component SOAP Request Handler. The manipulation of the argument NewConnectionType leads to buffer overflow. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "Es wurde eine kritische Schwachstelle in TP-Link VN020 F3v(T) TT_V6.2.1021 entdeckt. Es geht dabei um eine nicht klar definierte Funktion der Datei /control/WANIPConnection der Komponente SOAP Request Handler. Durch Manipulieren des Arguments NewConnectionType mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann im lokalen Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.1,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "Memory Corruption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-08T09:31:05.401Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-287262 | TP-Link VN020 F3v(T) SOAP Request WANIPConnection buffer overflow",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.287262"
            },
            {
              "name": "VDB-287262 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.287262"
            },
            {
              "name": "Submit #446212 | TP-Link VN020 F3v(T) ISP Routers Hardware Version: 1.0 /  Firmware Version: TT_V6.2.1021  Memory Corruption \u0026 DOS",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.446212"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/Zephkek/TP-WANPunch/blob/main/README.md"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.tp-link.com/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-12-07T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-12-07T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-12-07T17:36:40.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "TP-Link VN020 F3v(T) SOAP Request WANIPConnection buffer overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-12343",
        "datePublished": "2024-12-08T09:31:05.401Z",
        "dateReserved": "2024-12-07T16:30:19.395Z",
        "dateUpdated": "2024-12-09T15:50:37.719Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-12344 (GCVE-0-2024-12344)

    Vulnerability from cvelistv5 – Published: 2024-12-08 23:00 – Updated: 2024-12-09 15:48
    VLAI
    Title
    TP-Link VN020 F3v(T) FTP USER Command memory corruption
    Summary
    A vulnerability, which was classified as critical, was found in TP-Link VN020 F3v(T) TT_V6.2.1021. This affects an unknown part of the component FTP USER Command Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    TP-Link VN020 F3v(T) Affected: TT_V6.2.1021
    Create a notification for this product.
    Credits
    Mohamed Maatallah (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12344",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-09T15:48:11.958537Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-09T15:48:32.305Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "FTP USER Command Handler"
              ],
              "product": "VN020 F3v(T)",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "TT_V6.2.1021"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Mohamed Maatallah (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability, which was classified as critical, was found in TP-Link VN020 F3v(T) TT_V6.2.1021. This affects an unknown part of the component FTP USER Command Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "Es wurde eine kritische Schwachstelle in TP-Link VN020 F3v(T) TT_V6.2.1021 gefunden. Es betrifft eine unbekannte Funktion der Komponente FTP USER Command Handler. Dank der Manipulation mit unbekannten Daten kann eine memory corruption-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.5,
                "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "Memory Corruption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-08T23:00:16.366Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-287265 | TP-Link VN020 F3v(T) FTP USER Command memory corruption",
              "tags": [
                "vdb-entry"
              ],
              "url": "https://vuldb.com/?id.287265"
            },
            {
              "name": "VDB-287265 | CTI Indicators (IOB, IOC)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.287265"
            },
            {
              "name": "Submit #452658 | TP-Link VN020 F3v(T) Hardware Version: 1.0 /  Firmware Version: TT_V6.2.1021 Buffer Overflow \u0026 Memory corruption",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.452658"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/Zephkek/TP-1450"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.tp-link.com/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-12-08T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-12-08T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-12-08T08:56:48.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "TP-Link VN020 F3v(T) FTP USER Command memory corruption"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-12344",
        "datePublished": "2024-12-08T23:00:16.366Z",
        "dateReserved": "2024-12-08T07:51:44.661Z",
        "dateUpdated": "2024-12-09T15:48:32.305Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-12343 (GCVE-0-2024-12343)

    Vulnerability from cvelistv5 – Published: 2024-12-08 09:31 – Updated: 2024-12-09 15:50
    VLAI
    Title
    TP-Link VN020 F3v(T) SOAP Request WANIPConnection buffer overflow
    Summary
    A vulnerability classified as critical has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected is an unknown function of the file /control/WANIPConnection of the component SOAP Request Handler. The manipulation of the argument NewConnectionType leads to buffer overflow. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    References
    URL Tags
    https://vuldb.com/?id.287262 vdb-entrytechnical-description
    https://vuldb.com/?ctiid.287262 signaturepermissions-required
    https://vuldb.com/?submit.446212 third-party-advisory
    https://github.com/Zephkek/TP-WANPunch/blob/main/… exploit
    https://www.tp-link.com/ product
    Impacted products
    Vendor Product Version
    TP-Link VN020 F3v(T) Affected: TT_V6.2.1021
    Create a notification for this product.
    Credits
    Mohamed Maatallah (VulDB User)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12343",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-09T15:50:16.645162Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-09T15:50:37.719Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "modules": [
                "SOAP Request Handler"
              ],
              "product": "VN020 F3v(T)",
              "vendor": "TP-Link",
              "versions": [
                {
                  "status": "affected",
                  "version": "TT_V6.2.1021"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "reporter",
              "value": "Mohamed Maatallah (VulDB User)"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A vulnerability classified as critical has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected is an unknown function of the file /control/WANIPConnection of the component SOAP Request Handler. The manipulation of the argument NewConnectionType leads to buffer overflow. The attack needs to be done within the local network. The exploit has been disclosed to the public and may be used."
            },
            {
              "lang": "de",
              "value": "Es wurde eine kritische Schwachstelle in TP-Link VN020 F3v(T) TT_V6.2.1021 entdeckt. Es geht dabei um eine nicht klar definierte Funktion der Datei /control/WANIPConnection der Komponente SOAP Request Handler. Durch Manipulieren des Arguments NewConnectionType mit unbekannten Daten kann eine buffer overflow-Schwachstelle ausgenutzt werden. Der Angriff kann im lokalen Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "baseScore": 7.1,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
                "version": "4.0"
              }
            },
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            },
            {
              "cvssV3_0": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.0"
              }
            },
            {
              "cvssV2_0": {
                "baseScore": 6.1,
                "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C",
                "version": "2.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "Buffer Overflow",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-119",
                  "description": "Memory Corruption",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-12-08T09:31:05.401Z",
            "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
            "shortName": "VulDB"
          },
          "references": [
            {
              "name": "VDB-287262 | TP-Link VN020 F3v(T) SOAP Request WANIPConnection buffer overflow",
              "tags": [
                "vdb-entry",
                "technical-description"
              ],
              "url": "https://vuldb.com/?id.287262"
            },
            {
              "name": "VDB-287262 | CTI Indicators (IOB, IOC, IOA)",
              "tags": [
                "signature",
                "permissions-required"
              ],
              "url": "https://vuldb.com/?ctiid.287262"
            },
            {
              "name": "Submit #446212 | TP-Link VN020 F3v(T) ISP Routers Hardware Version: 1.0 /  Firmware Version: TT_V6.2.1021  Memory Corruption \u0026 DOS",
              "tags": [
                "third-party-advisory"
              ],
              "url": "https://vuldb.com/?submit.446212"
            },
            {
              "tags": [
                "exploit"
              ],
              "url": "https://github.com/Zephkek/TP-WANPunch/blob/main/README.md"
            },
            {
              "tags": [
                "product"
              ],
              "url": "https://www.tp-link.com/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2024-12-07T00:00:00.000Z",
              "value": "Advisory disclosed"
            },
            {
              "lang": "en",
              "time": "2024-12-07T01:00:00.000Z",
              "value": "VulDB entry created"
            },
            {
              "lang": "en",
              "time": "2024-12-07T17:36:40.000Z",
              "value": "VulDB entry last update"
            }
          ],
          "title": "TP-Link VN020 F3v(T) SOAP Request WANIPConnection buffer overflow"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "assignerShortName": "VulDB",
        "cveId": "CVE-2024-12343",
        "datePublished": "2024-12-08T09:31:05.401Z",
        "dateReserved": "2024-12-07T16:30:19.395Z",
        "dateUpdated": "2024-12-09T15:50:37.719Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }