Описание
CMD_SET_CONFIG_COUNTRY in the TP-Link Device Debug protocol in TP-Link Archer C1200 1.0.0 Build 20180502 rel.45702 and earlier is prone to a stack-based buffer overflow, which allows a remote attacker to achieve code execution or denial of service by sending a crafted payload to the listening server.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:o:tp-link:archer_c1200_firmware:1.0.0:170413:*:*:*:*:*:*
cpe:2.3:o:tp-link:archer_c1200_firmware:1.0.0:180103:*:*:*:*:*:*
cpe:2.3:o:tp-link:archer_c1200_firmware:1.0.0:180123:*:*:*:*:*:*
cpe:2.3:o:tp-link:archer_c1200_firmware:1.0.0:20180502:*:*:*:*:*:*
cpe:2.3:h:tp-link:archer_c1200:-:*:*:*:*:*:*:*
EPSS
Процентиль: 85%
0.02452
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-787
Связанные уязвимости
github
больше 3 лет назад
CMD_SET_CONFIG_COUNTRY in the TP-Link Device Debug protocol in TP-Link Archer C1200 1.0.0 Build 20180502 rel.45702 and earlier is prone to a stack-based buffer overflow, which allows a remote attacker to achieve code execution or denial of service by sending a crafted payload to the listening server.
EPSS
Процентиль: 85%
0.02452
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-787