CVE-2024-12342 HIGH

CVE-2024-12342: TP-Link VN020 F3v(T) Incomplete SOAP Request WANIPConnection denial of service

Vendor Tp-Link
Product VN020 F3v(T)
Weakness CWE-404
Published December 8, 2024
Last update December 9, 2024

CVSS base score

7.1/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A vulnerability was found in TP-Link VN020 F3v(T) TT_V6.2.1021. It has been rated as critical. This issue affects some unknown processing of the file /control/WANIPConnection of the component Incomplete SOAP Request Handler. The manipulation leads to denial of service. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used.

Key dates

02Disclosure timeline

December 8, 2024 CVE published
December 9, 2024 Record updated