CVE-2022-24019 CRITICAL

CVE-2022-24019

Vendor Tcl
Product LinkHub Mesh Wifi
Weakness CWE-120
Published August 5, 2022
Last update April 15, 2025

CVSS base score

9.6/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the netctrl binary.

Key dates

02Disclosure timeline

August 5, 2022 CVE published
April 15, 2025 Record updated