ID
VAR-202410-3122
CVE
CVE-2024-48713
TITLE
TP-LINK Technologies of TL-WDR7660 Classic buffer overflow vulnerability in firmware
Trust: 0.8
DESCRIPTION
In TP-Link TL-WDR7660 1.0, the wacWhitelistJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities. TP-LINK Technologies of TL-WDR7660 Firmware has a classic buffer overflow vulnerability.Service operation interruption (DoS) It may be in a state. TP-LINK TL-WDR7660 is a Gigabit router from TP-LINK of China. TP-LINK TL-WDR7660 version 1.0 has a buffer overflow vulnerability. A remote attacker can exploit this vulnerability to execute arbitrary code on the system or cause a denial of service attack
Trust: 2.16
IOT TAXONOMY
| category: | ['Network device'] | sub_category: | - | Trust: 0.6 |
AFFECTED PRODUCTS
| vendor: | tp link | model: | tl-wdr7660 | scope: | eq | version: | 1.0 | Trust: 1.6 |
| vendor: | tp link | model: | tl-wdr7660 | scope: | eq | version: | tl-wdr7660 firmware 1.0 | Trust: 0.8 |
| vendor: | tp link | model: | tl-wdr7660 | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | tp link | model: | tl-wdr7660 | scope: | - | version: | - | Trust: 0.8 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-120 | Trust: 1.0 |
| problemtype: | Classic buffer overflow (CWE-120) [ others ] | Trust: 0.8 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2024-48713 | Trust: 3.2 |
| db: | JVNDB | id: | JVNDB-2024-024158 | Trust: 0.8 |
| db: | CNVD | id: | CNVD-2025-02853 | Trust: 0.6 |
REFERENCES
| url: | https://github.com/sezangel/iot-vul/blob/main/tplink/tl-wdr7660/4/read.md | Trust: 1.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2024-48713 | Trust: 1.4 |
SOURCES
| db: | CNVD | id: | CNVD-2025-02853 |
| db: | JVNDB | id: | JVNDB-2024-024158 |
| db: | NVD | id: | CVE-2024-48713 |
LAST UPDATE DATE
2025-05-27T23:28:17.203000+00:00
SOURCES UPDATE DATE
| db: | CNVD | id: | CNVD-2025-02853 | date: | 2025-02-13T00:00:00 |
| db: | JVNDB | id: | JVNDB-2024-024158 | date: | 2025-05-23T02:52:00 |
| db: | NVD | id: | CVE-2024-48713 | date: | 2025-05-21T20:27:36.173 |
SOURCES RELEASE DATE
| db: | CNVD | id: | CNVD-2025-02853 | date: | 2025-02-13T00:00:00 |
| db: | JVNDB | id: | JVNDB-2024-024158 | date: | 2025-05-23T00:00:00 |
| db: | NVD | id: | CVE-2024-48713 | date: | 2024-10-15T21:15:11.227 |