提出 #446212: TP-Link VN020 F3v(T) ISP Routers Hardware Version: 1.0 / Firmware Version: TT_V6.2.1021 Memory Corruption & DOS情報

タイトルTP-Link VN020 F3v(T) ISP Routers Hardware Version: 1.0 / Firmware Version: TT_V6.2.1021 Memory Corruption & DOS
説明Two critical vulnerabilities identified in the UPnP implementation of TP-Link VN020-F3v(T) specifically affecting routers deployed by Tunisie Telecom and Topnet and other variants in Algeria and Morocoo. These vulnerabilities allow unauthenticated attackers to cause a DOS and memory corruption remotely and unauthenticated through a single malformed SOAP request over UPnP, this affects firmware version TT_V6.2.1021 which is running UPnP version: UPnP/1.0 BLR-TX4S/1.0, analysis has been done based on the routers behavior and network inspection and it's been tested on the tunisian variants of this router and this is confirmed to also exist on the maghreb and algerian versions, due to the same ISPs using the same vulnerable firmware build just with rebranding for this router more detailed analysis in the advisory.
ソース⚠️ https://github.com/Zephkek/TP-WANPunch/blob/main/README.md
ユーザー
 Mohamed Maatallah (UID 77278)
送信2024年11月17日 21:23 (2 年 ago)
モデレーション2024年12月07日 17:31 (20 days later)
ステータス承諾済み
VulDBエントリ287262 [TP-Link VN020 F3v(T) TT_V6.2.1021 SOAP Request /control/WANIPConnection NewConnectionType メモリ破損]
ポイント20

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!