PT-2022-4671 · Tcl · Tcl Linkhub Mesh Wi-Fi
Carl Hurd · Published 2022-08-05 · Updated 2022-08-08 · CVE-2022-24005
CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
TCL LinkHub Mesh Wi-Fi MS1G 00 01.00 14
Description
A buffer overflow exists in the GetValue functionality and can be triggered by a specially crafted configuration value. An attacker who can modify a configuration value can trigger the overflow. The vulnerability is related to the ap steer binary and can cause a denial of service when exploited.
Recommendations
For TCL LinkHub Mesh Wi-Fi MS1G 00 01.00 14, consider restricting access to the GetValue functionality until a patch is available.
As a temporary workaround, avoid using the ap steer binary to minimize the risk of exploitation.
Buffer Overflow
Affected Products
Tcl Linkhub Mesh Wi-Fi