PT-2022-16407 · Tcl · Tcl Linkhub Mesh Wi-Fi
Carl Hurd
·
Published
2022-08-05
·
Updated
2022-08-08
·
CVE-2022-24006
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
TCL LinkHub Mesh Wi-Fi MS1G 00 01.00 14
Description
A buffer overflow issue exists in the GetValue functionality. This can be triggered by a specially-crafted configuration value, allowing an attacker to modify the configuration and cause a buffer overflow. The vulnerability is related to the arpbrocast binary.
Recommendations
For TCL LinkHub Mesh Wi-Fi MS1G 00 01.00 14, consider disabling the GetValue functionality until a patch is available to prevent potential exploitation. Restrict access to configuration values to minimize the risk of triggering the buffer overflow.
Exploit
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tcl Linkhub Mesh Wi-Fi