CVE-2022-24026

Name of the Vulnerable Software and Affected Versions TCL LinkHub Mesh Wi-Fi MS1G 00 01.00 14

Description A buffer overflow vulnerability exists in the GetValue functionality. This issue can be triggered by a specially-crafted configuration value, leading to a buffer overflow. An attacker can modify a configuration value to exploit this vulnerability, potentially causing a denial of service. The vulnerability is related to the handling of the telnet ate monitor binary.

Recommendations For TCL LinkHub Mesh Wi-Fi MS1G 00 01.00 14, consider disabling the GetValue functionality until a patch is available to prevent exploitation. Restrict access to the telnet ate monitor binary to minimize the risk of triggering the buffer overflow. Avoid using specially-crafted configuration values that could lead to the buffer overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.