CVE-2024-12344

A vulnerability, which was classified as critical, was found in TP-Link VN020 F3v(T) TT_V6.2.1021. This affects an unknown part of the component FTP USER Command Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
References
Link Resource
https://github.com/Zephkek/TP-1450 Broken Link
https://vuldb.com/?ctiid.287265 Permissions Required VDB Entry
https://vuldb.com/?id.287265 Third Party Advisory VDB Entry
https://vuldb.com/?submit.452658 Third Party Advisory VDB Entry
https://www.tp-link.com/ Product
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:tp-link:vn020_f3v_firmware:6.2.1021:*:*:*:*:*:*:*
cpe:2.3:h:tp-link:vn020_f3v:-:*:*:*:*:*:*:*

History

10 Dec 2024, 23:28

Type Values Removed Values Added
First Time Tp-link vn020 F3v Firmware
Tp-link vn020 F3v
Tp-link
CPE cpe:2.3:h:tp-link:vn020_f3v:-:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:vn020_f3v_firmware:6.2.1021:*:*:*:*:*:*:*
CWE CWE-787
References () https://github.com/Zephkek/TP-1450 - () https://github.com/Zephkek/TP-1450 - Broken Link
References () https://vuldb.com/?ctiid.287265 - () https://vuldb.com/?ctiid.287265 - Permissions Required, VDB Entry
References () https://vuldb.com/?id.287265 - () https://vuldb.com/?id.287265 - Third Party Advisory, VDB Entry
References () https://vuldb.com/?submit.452658 - () https://vuldb.com/?submit.452658 - Third Party Advisory, VDB Entry
References () https://www.tp-link.com/ - () https://www.tp-link.com/ - Product

08 Dec 2024, 23:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-12-08 23:15

Updated : 2024-12-10 23:28


NVD link : CVE-2024-12344

Mitre link : CVE-2024-12344

CVE.ORG link : CVE-2024-12344


JSON object : View

Products Affected

tp-link

  • vn020_f3v
  • vn020_f3v_firmware
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-787

Out-of-bounds Write