ID
VAR-202003-1473
CVE
CVE-2020-9375
TITLE
TP-Link Archer C50 V3 Vulnerability in lack of resource release after valid lifetime on device
Trust: 0.8
sources:
JVNDB: JVNDB-2020-003497
DESCRIPTION
TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attackers to cause a denial of service via a crafted HTTP Header containing an unexpected Referer field. TP-Link Archer C50 V3 The device is vulnerable to a lack of resource release after a valid lifetime.Service operation interruption (DoS) It may be put into a state. 62209 before version
Trust: 2.25
sources:
NVD: CVE-2020-9375 //
JVNDB: JVNDB-2020-003497 //
CNVD: CNVD-2020-19940 //
VULMON: CVE-2020-9375
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
sources:
CNVD: CNVD-2020-19940
AFFECTED PRODUCTS
| vendor: | tp link | model: | archer c50 | scope: | eq | version: | build_200318 | Trust: 1.0 |
| vendor: | tp link | model: | archer c50 | scope: | eq | version: | build_170822 | Trust: 1.0 |
| vendor: | tp link | model: | archer c50 | scope: | eq | version: | build_171227 | Trust: 1.0 |
| vendor: | tp link | model: | archer c50 | scope: | eq | version: | build 200318 | Trust: 0.8 |
| vendor: | tp link | model: | archer c50 build rel. | scope: | lt | version: | v320031862209 | Trust: 0.6 |
sources:
CNVD: CNVD-2020-19940 //
JVNDB: JVNDB-2020-003497 //
NVD: CVE-2020-9375
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
sources:
CNVD: CNVD-2020-19940 //
VULMON: CVE-2020-9375 //
JVNDB: JVNDB-2020-003497 //
NVD: CVE-2020-9375 //
CNNVD: CNNVD-202003-1578
PROBLEMTYPE DATA
| problemtype: | CWE-772 | Trust: 1.8 |
sources:
JVNDB: JVNDB-2020-003497 //
NVD: CVE-2020-9375
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202003-1578
TYPE
other
Trust: 0.6
sources:
CNNVD: CNNVD-202003-1578
CONFIGURATIONS
sources:
NVD: CVE-2020-9375
PATCH
| title: | Download for Archer C50 V3 | url: | https://www.tp-link.com/in/support/download/archer-c50/v3/#firmware | Trust: 0.8 |
| title: | Patch for TP-Link Archer C50 Denial of Service Vulnerability | url: | https://www.cnvd.org.cn/patchinfo/show/211357 | Trust: 0.6 |
| title: | TP-Link Archer C50 Security vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=112989 | Trust: 0.6 |
| title: | cve-2020-9375 | url: | https://github.com/thewhiteh4t/cve-2020-9375 | Trust: 0.1 |
| title: | PoC | url: | https://github.com/jonathan-elias/poc | Trust: 0.1 |
| title: | CVE-POC | url: | https://github.com/0xt11/cve-poc | Trust: 0.1 |
| title: | PoC-in-GitHub | url: | https://github.com/developer3000s/poc-in-github | Trust: 0.1 |
| title: | PoC-in-GitHub | url: | https://github.com/nomi-sec/poc-in-github | Trust: 0.1 |
| title: | PoC-in-GitHub | url: | https://github.com/hectorgie/poc-in-github | Trust: 0.1 |
sources:
CNVD: CNVD-2020-19940 //
VULMON: CVE-2020-9375 //
JVNDB: JVNDB-2020-003497 //
CNNVD: CNNVD-202003-1578
EXTERNAL IDS
| db: | NVD | id: | CVE-2020-9375 | Trust: 3.1 |
| db: | PACKETSTORM | id: | 156928 | Trust: 1.7 |
| db: | JVNDB | id: | JVNDB-2020-003497 | Trust: 0.8 |
| db: | CNVD | id: | CNVD-2020-19940 | Trust: 0.6 |
| db: | EXPLOIT-DB | id: | 48255 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-202003-1578 | Trust: 0.6 |
| db: | VULMON | id: | CVE-2020-9375 | Trust: 0.1 |
sources:
CNVD: CNVD-2020-19940 //
VULMON: CVE-2020-9375 //
JVNDB: JVNDB-2020-003497 //
NVD: CVE-2020-9375 //
CNNVD: CNNVD-202003-1578
REFERENCES
| url: | https://www.tp-link.com/in/support/download/archer-c50/v3/#firmware | Trust: 1.7 |
| url: | https://thewhiteh4t.github.io/2020/02/27/cve-2020-9375-tp-link-archer-c50-v3-denial-of-service.html | Trust: 1.7 |
| url: | http://packetstormsecurity.com/files/156928/tp-link-archer-c50-v3-denial-of-service.html | Trust: 1.7 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2020-9375 | Trust: 1.4 |
| url: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9375 | Trust: 0.8 |
| url: | https://www.exploit-db.com/exploits/48255 | Trust: 0.6 |
| url: | https://cwe.mitre.org/data/definitions/772.html | Trust: 0.1 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
| url: | https://github.com/thewhiteh4t/cve-2020-9375 | Trust: 0.1 |
sources:
VULMON: CVE-2020-9375 //
JVNDB: JVNDB-2020-003497 //
NVD: CVE-2020-9375 //
CNNVD: CNNVD-202003-1578
CREDITS
thewhiteh4t
Trust: 0.6
sources:
CNNVD: CNNVD-202003-1578
SOURCES
| db: | CNVD | id: | CNVD-2020-19940 |
| db: | VULMON | id: | CVE-2020-9375 |
| db: | JVNDB | id: | JVNDB-2020-003497 |
| db: | NVD | id: | CVE-2020-9375 |
| db: | CNNVD | id: | CNNVD-202003-1578 |
LAST UPDATE DATE
2023-12-18T13:01:48.542000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2020-19940 | date: | 2020-03-29T00:00:00 |
| db: | VULMON | id: | CVE-2020-9375 | date: | 2020-03-31T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-003497 | date: | 2020-04-17T00:00:00 |
| db: | NVD | id: | CVE-2020-9375 | date: | 2020-03-31T14:44:08.800 |
| db: | CNNVD | id: | CNNVD-202003-1578 | date: | 2020-04-01T00:00:00 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2020-19940 | date: | 2020-03-28T00:00:00 |
| db: | VULMON | id: | CVE-2020-9375 | date: | 2020-03-25T00:00:00 |
| db: | JVNDB | id: | JVNDB-2020-003497 | date: | 2020-04-17T00:00:00 |
| db: | NVD | id: | CVE-2020-9375 | date: | 2020-03-25T15:15:11.680 |
| db: | CNNVD | id: | CNNVD-202003-1578 | date: | 2020-03-25T00:00:00 |