CVE-2024-12342

TP-Link VN020 F3v(T) Incomplete SOAP Request WANIPConnection denial of service

CVSS 7.1 HIGHEPSS 8.9%CWE-404

A vulnerability was found in TP-Link VN020 F3v(T) TT_V6.2.1021. It has been rated as critical. This issue affects some unknown processing of the file /control/WANIPConnection of the component Incomplete SOAP Request Handler. The manipulation leads to denial of service. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used.

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected products

TP-Link · VN020 F3v(T)

public PoCs found — 3

githubgithub.com/becrevex/TPLink-VN020-DoS★ 0 cve_referencegithub.com/Zephkek/TP-WANPunch/blob/main/README.mdunverified exploitdbwww.exploit-db.com/exploits/52250unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/Zephkek/TP-WANPunch/blob/main/README.md https://vuldb.com/?ctiid.287261 https://vuldb.com/?id.287261 https://www.tp-link.com/