Details of VAR-202202-0237

ID

VAR-202202-0237

CVE

CVE-2022-24353

TITLE

TP-LINK Technologies of AC 1750 Out-of-bounds read vulnerability in firmware

Trust: 0.8

sources: JVNDB: JVNDB-2022-022088

DESCRIPTION

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link AC1750 1.1.4 Build 20211022 rel.59103(5553) routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the NetUSB.ko module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the root user. Was ZDI-CAN-15769. TP-LINK Technologies of AC 1750 An out-of-bounds read vulnerability exists in firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 2.34

sources: NVD: CVE-2022-24353 // JVNDB: JVNDB-2022-022088 // ZDI: ZDI-22-263 // VULMON: CVE-2022-24353

AFFECTED PRODUCTS

vendor:	tp link	model:	ac1750	scope:	lt	version:	211210	Trust: 1.0
vendor:	tp link	model:	ac 1750	scope:	eq	version:	-	Trust: 0.8
vendor:	tp link	model:	ac 1750	scope:	eq	version:	ac 1750 firmware 211210	Trust: 0.8
vendor:	tp link	model:	ac 1750	scope:	-	version:	-	Trust: 0.8
vendor:	tp link	model:	ac1750	scope:	-	version:	-	Trust: 0.7

sources: ZDI: ZDI-22-263 // JVNDB: JVNDB-2022-022088 // NVD: CVE-2022-24353

CVSS

SEVERITY

CVSSV2

CVSSV3

zdi-disclosures@trendmicro.com:	CVE-2022-24353
value:	HIGH
Trust: 1.0
nvd@nist.gov:	CVE-2022-24353
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-24353
value:	HIGH
Trust: 0.8
ZDI:	CVE-2022-24353
value:	HIGH
Trust: 0.7
CNNVD:	CNNVD-202202-943
value:	HIGH
Trust: 0.6

zdi-disclosures@trendmicro.com:	CVE-2022-24353
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 1.8
nvd@nist.gov:	CVE-2022-24353
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.1
Trust: 1.0
ZDI:	CVE-2022-24353
baseSeverity:	HIGH
baseScore:	8.8
vectorString:	AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.8
impactScore:	5.9
version:	3.0
Trust: 0.7

sources: ZDI: ZDI-22-263 // JVNDB: JVNDB-2022-022088 // CNNVD: CNNVD-202202-943 // NVD: CVE-2022-24353 // NVD: CVE-2022-24353

PROBLEMTYPE DATA

problemtype:	CWE-125	Trust: 1.0
problemtype:	Out-of-bounds read (CWE-125) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-022088 // NVD: CVE-2022-24353

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202202-943

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202202-943

PATCH

title:

TP-Link AC1750 Buffer error vulnerability fix

url:

http://123.124.177.30/web/xxk/bdxqById.tag?id=181984

Trust: 0.6

sources: CNNVD: CNNVD-202202-943

EXTERNAL IDS

db:	NVD	id:	CVE-2022-24353	Trust: 4.0
db:	ZDI	id:	ZDI-22-263	Trust: 3.2
db:	JVNDB	id:	JVNDB-2022-022088	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-15769	Trust: 0.7
db:	CS-HELP	id:	SB2022021403	Trust: 0.6
db:	CNNVD	id:	CNNVD-202202-943	Trust: 0.6
db:	VULMON	id:	CVE-2022-24353	Trust: 0.1

sources: ZDI: ZDI-22-263 // VULMON: CVE-2022-24353 // JVNDB: JVNDB-2022-022088 // CNNVD: CNNVD-202202-943 // NVD: CVE-2022-24353

REFERENCES

url:	https://www.zerodayinitiative.com/advisories/zdi-22-263/	Trust: 3.2
url:	https://nvd.nist.gov/vuln/detail/cve-2022-24353	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-24353/	Trust: 0.6
url:	https://www.cybersecurity-help.cz/vdb/sb2022021403	Trust: 0.6
url:	https://cwe.mitre.org/data/definitions/125.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULMON: CVE-2022-24353 // JVNDB: JVNDB-2022-022088 // CNNVD: CNNVD-202202-943 // NVD: CVE-2022-24353

CREDITS

Bien Pham (@bienpnn) from Team Orca of Sea Security (security.sea.com)

Trust: 1.3

sources: ZDI: ZDI-22-263 // CNNVD: CNNVD-202202-943

SOURCES

db:	ZDI	id:	ZDI-22-263
db:	VULMON	id:	CVE-2022-24353
db:	JVNDB	id:	JVNDB-2022-022088
db:	CNNVD	id:	CNNVD-202202-943
db:	NVD	id:	CVE-2022-24353

LAST UPDATE DATE

2024-08-14T14:18:09.171000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-22-263	date:	2022-02-10T00:00:00
db:	VULMON	id:	CVE-2022-24353	date:	2023-03-28T00:00:00
db:	JVNDB	id:	JVNDB-2022-022088	date:	2023-11-15T04:45:00
db:	CNNVD	id:	CNNVD-202202-943	date:	2023-04-07T00:00:00
db:	NVD	id:	CVE-2022-24353	date:	2023-04-06T19:13:42.677

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-22-263	date:	2022-02-10T00:00:00
db:	VULMON	id:	CVE-2022-24353	date:	2023-03-28T00:00:00
db:	JVNDB	id:	JVNDB-2022-022088	date:	2023-11-15T00:00:00
db:	CNNVD	id:	CNNVD-202202-943	date:	2022-02-10T00:00:00
db:	NVD	id:	CVE-2022-24353	date:	2023-03-28T19:15:10.653