A vulnerability, which was classified as critical, was found in TP-Link VN020 F3v(T) TT_V6.2.1021. This affects an unknown part of the component FTP USER Command Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
History

Tue, 10 Dec 2024 23:45:00 +0000

Type Values Removed Values Added
First Time appeared Tp-link
Tp-link vn020 F3v
Tp-link vn020 F3v Firmware
Weaknesses CWE-787
CPEs cpe:2.3:h:tp-link:vn020_f3v:-:*:*:*:*:*:*:*
cpe:2.3:o:tp-link:vn020_f3v_firmware:6.2.1021:*:*:*:*:*:*:*
Vendors & Products Tp-link
Tp-link vn020 F3v
Tp-link vn020 F3v Firmware

Mon, 09 Dec 2024 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sun, 08 Dec 2024 23:15:00 +0000

Type Values Removed Values Added
Description A vulnerability, which was classified as critical, was found in TP-Link VN020 F3v(T) TT_V6.2.1021. This affects an unknown part of the component FTP USER Command Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Title TP-Link VN020 F3v(T) FTP USER Command memory corruption
Weaknesses CWE-119
References
Metrics cvssV2_0

{'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P'}

cvssV3_0

{'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L'}

cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L'}

cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published: 2024-12-08T23:00:16.366Z

Updated: 2024-12-09T15:48:32.305Z

Reserved: 2024-12-08T07:51:44.661Z

Link: CVE-2024-12344

cve-icon Vulnrichment

Updated: 2024-12-09T15:48:28.259Z

cve-icon NVD

Status : Analyzed

Published: 2024-12-08T23:15:04.980

Modified: 2024-12-10T23:28:05.760

Link: CVE-2024-12344

cve-icon Redhat

No data.