Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-12344

A vulnerability, which was classified as critical, was found in TP-Link VN020 F3v(T) TT_V6.2.1021. This affects an unknown part of the component FTP USER Command Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Published

2024-12-08T23:15:04.980

Last Modified

2024-12-10T23:28:05.760

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

8.0

Impact Score

6.4

Weaknesses

Type: Secondary
CWE-119
Type: Primary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	tp-link	vn020_f3v_firmware	6.2.1021	Yes
Hardware	tp-link	vn020_f3v	-	No

References

https://github.com/Zephkek/TP-1450 Broken Link ([email protected])
https://vuldb.com/?ctiid.287265 Permissions Required, VDB Entry ([email protected])
https://vuldb.com/?id.287265 Third Party Advisory, VDB Entry ([email protected])
https://vuldb.com/?submit.452658 Third Party Advisory, VDB Entry ([email protected])
https://www.tp-link.com/ Product ([email protected])