CVE-2024-12342

EPSS 1.04%
Published 08.12.2024 07:15:04
Last modified 08.12.2024 07:15:04
Source cna@vuldb.com
Teams watchlist Login
Open Login

A vulnerability was found in TP-Link VN020 F3v(T) TT_V6.2.1021. It has been rated as critical. This issue affects some unknown processing of the file /control/WANIPConnection of the component Incomplete SOAP Request Handler. The manipulation leads to denial of service. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used.

Affected products Warnungen 0 Metrics 4 CWE 1 References 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

VendorTP-Link

≫

Product VN020 F3v(T)

Version TT_V6.2.1021

Status affected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	1.04%	0.767

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
cna@vuldb.com	7.1	0	0	CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
cna@vuldb.com	6.5	2.8	3.6	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
cna@vuldb.com	6.1	6.5	6.9	AV:A/AC:L/Au:N/C:N/I:N/A:C

CWE-404 Improper Resource Shutdown or Release

The product does not release or incorrectly releases a resource before it is made available for re-use.

https://www.tp-link.com/

https://github.com/Zephkek/TP-WANPunch/blob/main/README.md

https://vuldb.com/?ctiid.287261

https://vuldb.com/?id.287261

https://nvd.nist.gov/vuln/detail/CVE-2024-12342

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-12342

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-12342

EUVD