Submit #452658: TP-Link VN020 F3v(T) Hardware Version: 1.0 / Firmware Version: TT_V6.2.1021 Buffer Overflow & Memory corruption

Title: TP-Link VN020 F3v(T) Hardware Version: 1.0 / Firmware Version: TT_V6.2.1021 Buffer Overflow & Memory corruption
Description: A critical buffer overflow vulnerability has been identified in the FTP implementation of TP-Link VN020-F3v(T) routers (firmware TT_V6.2.1021), widely used in North Africa. The flaw allows unauthenticated attackers to trigger memory corruption via a malformed USER command, causing immediate router crashes and persistent denial of service (DoS) effects, with potential for remote code execution (RCE) without any authentication. Payloads exceeding 1450 bytes further corrupt the session state, resulting in undefined behavior, such as undefined behavior when running the user command with other + cd command and erratic FTP command execution, opening the doors for priv escalation and more malicious acts. This vulnerability highlights severe input validation, buffer allocation, and memory management flaws in TP-Link's proprietary firmware, with a significant security impact on affected networks, and its impact is even worse in Tunisia due to ISPs not allowing closing port 21 on this router and having weak default FTP credentials hardcoded into every router: user/user. This is specific to Tunisie Telecom ISPs and potentially others, details + PoC inside the advisory.
Source: https://github.com/Zephkek/TP-1450
User: Mohamed Maatallah (UID 77278)
Submission: 26.11.2024 18:44 (2 years ago)
Moderation: 08.12.2024 08:51 (12 days later)
Status: Accepted
VulDB entry: 287265 [TP-Link VN020 F3v(T) TT_V6.2.1021 FTP USER Command buffer overflow]
Points: 20
