PT-2022-18270 · Tcl · Tcl Linkhub Mesh Wi-Fi
Carl Hurd
·
Published
2022-08-05
·
Updated
2022-08-09
·
CVE-2022-27178
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
TCL LinkHub Mesh Wi-Fi MS1G 00 01.00 14
Description
A denial of service issue exists in the confctl set wan cfg functionality. It can be triggered by a specially-crafted network packet, leading to denial of service. An attacker can exploit this by sending specific packets.
Recommendations
For version 01.00 14, consider restricting access to the confctl set wan cfg functionality until a patch is available. As a temporary workaround, network traffic should be monitored closely to detect and block suspicious packets that could trigger this issue.
Exploit
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Tcl Linkhub Mesh Wi-Fi