CVE-2024-12343
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Dec 8, 2024
Updated: Dec 10, 2024
CWE ID 119
CWE ID 120
Summary
CVE-2024-12343 is a critical vulnerability affecting the SOAP Request Handler component of TP-Link VN020 F3v(T) TT_V6.2.1021. The issue lies within an unknown function of the /control/WANIPConnection file, where a buffer overflow occurs due to manipulation of the NewConnectionType argument. This vulnerability can only be exploited through the local network, and the exploit has been made public, potentially increasing the risk to affected devices.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Vendors
- TP-LINK Technologies Co Ltd