Details of VAR-202202-0235

ID

VAR-202202-0235

CVE

CVE-2022-24352

TITLE

TP-LINK Technologies of AC 1750 Out-of-bounds read vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2022-022089

DESCRIPTION

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AC1750 prior to 211210 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB.ko kernel module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15773. TP-LINK Technologies of AC 1750 An out-of-bounds read vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 2.34

sources: NVD: CVE-2022-24352 // JVNDB: JVNDB-2022-022089 // ZDI: ZDI-22-262 // VULMON: CVE-2022-24352

AFFECTED PRODUCTS

vendor:	tp link	model:	ac1750	scope:	lt	version:	211210	Trust: 1.0
vendor:	tp link	model:	ac 1750	scope:	eq	version:	-	Trust: 0.8
vendor:	tp link	model:	ac 1750	scope:	eq	version:	ac 1750 firmware 211210	Trust: 0.8
vendor:	tp link	model:	ac 1750	scope:	-	version:	-	Trust: 0.8
vendor:	tp link	model:	ac1750	scope:	-	version:	-	Trust: 0.7

sources: ZDI: ZDI-22-262 // JVNDB: JVNDB-2022-022089 // NVD: CVE-2022-24352

CVSS

SEVERITY

CVSSV2

CVSSV3

zdi-disclosures@trendmicro.com:	CVE-2022-24352
value:	HIGH
Trust: 1.0
nvd@nist.gov:	CVE-2022-24352
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-24352
value:	HIGH
Trust: 0.8
ZDI:	CVE-2022-24352
value:	HIGH
Trust: 0.7
CNNVD:	CNNVD-202202-944
value:	HIGH
Trust: 0.6

zdi-disclosures@trendmicro.com:	CVE-2022-24352
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2022-24352
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
ZDI:	CVE-2022-24352
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-22-262 // JVNDB: JVNDB-2022-022089 // CNNVD: CNNVD-202202-944 // NVD: CVE-2022-24352 // NVD: CVE-2022-24352

PROBLEMTYPE DATA

problemtype:	CWE-125	Trust: 1.0
problemtype:	Out-of-bounds read (CWE-125) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-022089 // NVD: CVE-2022-24352

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202202-944

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202202-944

PATCH

title:

Tp-link AC1750 Buffer error vulnerability fix

url:

http://123.124.177.30/web/xxk/bdxqById.tag?id=181985

Trust: 0.6

sources: CNNVD: CNNVD-202202-944

EXTERNAL IDS

db:	NVD	id:	CVE-2022-24352	Trust: 4.0
db:	ZDI	id:	ZDI-22-262	Trust: 3.2
db:	JVNDB	id:	JVNDB-2022-022089	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-15773	Trust: 0.7
db:	CS-HELP	id:	SB2022021403	Trust: 0.6
db:	CNNVD	id:	CNNVD-202202-944	Trust: 0.6
db:	VULMON	id:	CVE-2022-24352	Trust: 0.1

sources: ZDI: ZDI-22-262 // VULMON: CVE-2022-24352 // JVNDB: JVNDB-2022-022089 // CNNVD: CNNVD-202202-944 // NVD: CVE-2022-24352

REFERENCES

url:	https://www.zerodayinitiative.com/advisories/zdi-22-262/	Trust: 3.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-24352	Trust: 0.8
url:	https://www.cybersecurity-help.cz/vdb/sb2022021403	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-24352/	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/125.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULMON: CVE-2022-24352 // JVNDB: JVNDB-2022-022089 // CNNVD: CNNVD-202202-944 // NVD: CVE-2022-24352

CREDITS

trichimtrich and nyancat0131

Trust: 1.3

sources: ZDI: ZDI-22-262 // CNNVD: CNNVD-202202-944

SOURCES

db:	ZDI	id:	ZDI-22-262
db:	VULMON	id:	CVE-2022-24352
db:	JVNDB	id:	JVNDB-2022-022089
db:	CNNVD	id:	CNNVD-202202-944
db:	NVD	id:	CVE-2022-24352

LAST UPDATE DATE

2024-08-14T14:18:09.104000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-22-262	date:	2022-02-10T00:00:00
db:	VULMON	id:	CVE-2022-24352	date:	2023-03-28T00:00:00
db:	JVNDB	id:	JVNDB-2022-022089	date:	2023-11-15T04:46:00
db:	CNNVD	id:	CNNVD-202202-944	date:	2023-04-07T00:00:00
db:	NVD	id:	CVE-2022-24352	date:	2023-04-06T19:14:28.220

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-22-262	date:	2022-02-10T00:00:00
db:	VULMON	id:	CVE-2022-24352	date:	2023-03-28T00:00:00
db:	JVNDB	id:	JVNDB-2022-022089	date:	2023-11-15T00:00:00
db:	CNNVD	id:	CNNVD-202202-944	date:	2022-02-10T00:00:00
db:	NVD	id:	CVE-2022-24352	date:	2023-03-28T19:15:10.573