← back
CVE-2024-11237

TP-Link VN020 F3v(T) DHCP DISCOVER Packet Parser TP-Thumper stack-based overflow

CVSS 8.7 HIGHEPSS 5.2%CWE-119CWE-121
A vulnerability, which was classified as critical, has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected by this issue is some unknown functionality of the component DHCP DISCOVER Packet Parser. The manipulation of the argument hostname leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
Affected products
TP-Link · VN020 F3v(T)
public PoCs found2
cve_referencegithub.com/Zephkek/TP-Thumper/blob/main/poc.cunverifiedexploitdbwww.exploit-db.com/exploits/52292unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/Zephkek/TP-Thumperhttps://github.com/Zephkek/TP-Thumper/blob/main/poc.chttps://vuldb.com/?ctiid.284672https://vuldb.com/?id.284672https://vuldb.com/?submit.438408https://www.tp-link.com/