cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-12344,https://securityvulnerability.io/vulnerability/CVE-2024-12344,Memory Corruption Vulnerability in TP-Link VN020 F3v(T) Product,"CVE-2024-12344 represents a severe vulnerability identified in TP-Link's VN020 F3v(T) product line, specifically in firmware version TT_V6.2.1021. The vulnerability is triggered through the FTP USER Command Handler component, leading to potential memory corruption. This flaw can be exploited remotely, allowing attackers to manipulate the system without physical access. Given the public disclosure of the exploit, it is critical for users and administrators to apply necessary security updates and implement protective measures to mitigate risks.",Tp-link,Vn020 F3v(t),9.8,CRITICAL,0.0028099999763071537,false,false,false,true,true,false,false,2024-12-08T23:15:00.000Z,0
CVE-2024-12343,https://securityvulnerability.io/vulnerability/CVE-2024-12343,Buffer Overflow Vulnerability in TP-Link VN020 F3v(T) SOAP Request Handler,"CVE-2024-12343 identifies a critical buffer overflow vulnerability in the TP-Link VN020 F3v(T) TT_V6.2.1021 associated with the SOAP Request Handler's /control/WANIPConnection endpoint. This vulnerability can be exploited by manipulating the NewConnectionType argument, potentially allowing attackers within the local network to execute arbitrary code or cause a denial of service (DoS). As the exploit has been disclosed publicly, it emphasizes the urgency for users and network administrators to apply necessary patches and mitigate risks associated with this critical vulnerability.",Tp-link,Vn020 F3v(t),8.8,HIGH,0.0007200000109151006,false,false,false,true,true,false,false,2024-12-08T09:31:05.401Z,0
CVE-2024-12342,https://securityvulnerability.io/vulnerability/CVE-2024-12342,Denial of Service Vulnerability in TP-Link VN020 F3v(T) Devices,"A critical vulnerability has been identified in the TP-Link VN020 F3v(T) devices, specifically in the Incomplete SOAP Request Handler of the /control/WANIPConnection file. This vulnerability can lead to a denial of service (DoS) condition, disrupting the normal operation of the affected devices. The issue can only be exploited from within the local network, thus posing a threat primarily to internal users. The details of this vulnerability have been publicly disclosed, and users are advised to take protective measures to mitigate potential exploitation.",Tp-link,Vn020 F3v(t),6.5,MEDIUM,0.00044999999227002263,false,false,false,true,true,false,false,2024-12-08T06:31:05.109Z,0
CVE-2024-53375,https://securityvulnerability.io/vulnerability/CVE-2024-53375,Remote Code Execution Vulnerability in TP-Link Archer Routers,"The vulnerability CVE-2024-53375 affects TP-Link routers, allowing attackers to execute remote code and inject malicious commands, leading to potential exploitation of the devices. The vulnerability affects the HomeShield functionality and can be exploited without the installation or activation of the HomeShield functionality. The flaw resides in the firmware of the routers, allowing attackers to execute arbitrary commands with root privileges, gaining full control over the device. It is important for TP-Link users to update their router firmware as soon as TP-Link releases a patch to mitigate the risk of exploitation.",TP-Link,,,,0.0004299999854993075,false,true,false,true,,false,false,2024-12-02T00:00:00.000Z,0
CVE-2024-11237,https://securityvulnerability.io/vulnerability/CVE-2024-11237,Stack-based Buffer Overflow in TP-Link VN020 F3v(T) DHCP Component,"A significant security flaw has been identified in the TP-Link VN020 F3v(T) device, specifically within its DHCP DISCOVER packet parser. This vulnerability allows for a stack-based buffer overflow, which could be exploited remotely. Attackers can manipulate the hostname argument, leading to potential unauthorized access and control over affected devices. With the exploit made public, it poses a serious threat to users who have not yet secured their systems. It is vital for organizations using this product to implement necessary security patches and maintain vigilant monitoring to mitigate any risks associated with this vulnerability.",Tp-link,Vn020 F3v(t),9.8,CRITICAL,0.002839999971911311,false,false,false,true,true,false,false,2024-11-15T12:00:15.886Z,0
CVE-2024-2188,https://securityvulnerability.io/vulnerability/CVE-2024-2188,Unauthenticated XSS Vulnerability in TP-Link Archer AX50 Firmware,"Cross-Site Scripting (XSS) vulnerability stored in TP-Link Archer AX50 affecting firmware version 1.0.11 build 2022052. This vulnerability could allow an unauthenticated attacker to create a port mapping rule via a SOAP request and store a malicious JavaScript payload within that rule, which could result in an execution of the JavaScript payload when the rule is loaded.",Tp-link,Archer Ax50,6.1,MEDIUM,0.0004299999854993075,false,false,false,true,true,false,false,2024-03-05T12:15:25.297Z,0
CVE-2023-43482,https://securityvulnerability.io/vulnerability/CVE-2023-43482,Arbitrary Command Execution Vulnerability in Tp-Link Omada Gigabit VPN Router,"A vulnerability exists within the guest resource functionality of the Tp-Link ER7206 Omada Gigabit VPN Router that could allow an attacker to execute arbitrary commands. This flaw is triggered through specially crafted HTTP requests made by an authenticated user. Exploitation of this vulnerability may lead to unauthorized command execution, posing a significant risk to the integrity and security of affected systems. Users are strongly advised to implement appropriate security measures to mitigate potential threats.",Tp-Link,ER7206 Omada Gigabit VPN Router,7.2,HIGH,0.0004199999966658652,false,false,false,true,true,false,false,2024-02-06T16:20:15.812Z,0