Critical Vulnerability Discovered in TP-Link FTP USER Command Handler

CVE-2024-12344

9.8CRITICAL

Key Information

Vendor
Tp-link
Status
Vn020 F3v(t)
Vendor
CVE Published:
8 December 2024

Summary

A vulnerability, which was classified as critical, was found in TP-Link VN020 F3v(T) TT_V6.2.1021. This affects an unknown part of the component FTP USER Command Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Affected Version(s)

VN020 F3v(T) = TT_V6.2.1021

Refferences

https://vuldb.com/?id.287265
vdb-entry
https://vuldb.com/?ctiid.287265
signaturepermissions-required
https://vuldb.com/?submit.452658
third-party-advisory
https://github.com/Zephkek/TP-1450
exploit
https://www.tp-link.com/
product

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

Collectors

NVD DatabaseMitre Database

Credit

Mohamed Maatallah (VulDB User)
.