ID
VAR-202408-2205
CVE
CVE-2024-42815
TITLE
TP-Link Technology Co., Ltd. RE365 Buffer Overflow Vulnerability
Trust: 0.6
sources:
CNVD: CNVD-2024-36350
DESCRIPTION
In the TP-Link RE365 V1_180213, there is a buffer overflow vulnerability due to the lack of length verification for the USER_AGENT field in /usr/bin/httpd. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands. RE365 is a WiFi range extender from TP-LINK, a Chinese company. TP-LINK Technology Co., Ltd
Trust: 1.44
sources:
NVD: CVE-2024-42815 //
CNVD: CNVD-2024-36350
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2024-36350
AFFECTED PRODUCTS
| vendor: | tp link | model: | re365 v1 180213 | scope: | - | version: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2024-36350
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
CNVD: CNVD-2024-36350 //
NVD: CVE-2024-42815
PROBLEMTYPE DATA
| problemtype: | CWE-787 | Trust: 1.0 |
sources:
NVD: CVE-2024-42815
PATCH
| title: | Patch for TP-Link Technology Co., Ltd. RE365 Buffer Overflow Vulnerability | url: | https://www.cnvd.org.cn/patchInfo/show/584461 | Trust: 0.6 |
sources:
CNVD: CNVD-2024-36350
EXTERNAL IDS
| db: | NVD | id: | CVE-2024-42815 | Trust: 1.6 |
| db: | CNVD | id: | CNVD-2024-36350 | Trust: 0.6 |
sources:
CNVD: CNVD-2024-36350 //
NVD: CVE-2024-42815
REFERENCES
| url: | https://gist.github.com/xiaocurry/14d46e0becd79d9bb9907f2fbe147cfe | Trust: 1.6 |
| url: | https://securityonline.info/cve-2024-42815-cvss-9-8-buffer-overflow-flaw-in-tp-link-routers-opens-door-to-rce/ | Trust: 1.0 |
sources:
CNVD: CNVD-2024-36350 //
NVD: CVE-2024-42815
SOURCES
| db: | CNVD | id: | CNVD-2024-36350 |
| db: | NVD | id: | CVE-2024-42815 |
LAST UPDATE DATE
2024-10-25T23:24:34.620000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2024-36350 | date: | 2024-08-23T00:00:00 |
| db: | NVD | id: | CVE-2024-42815 | date: | 2024-10-24T20:35:07.330 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2024-36350 | date: | 2024-08-23T00:00:00 |
| db: | NVD | id: | CVE-2024-42815 | date: | 2024-08-19T20:15:07.193 |