// For flags

CVE-2019-13614

 

Severity Score

9.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

CMD_SET_CONFIG_COUNTRY in the TP-Link Device Debug protocol in TP-Link Archer C1200 1.0.0 Build 20180502 rel.45702 and earlier is prone to a stack-based buffer overflow, which allows a remote attacker to achieve code execution or denial of service by sending a crafted payload to the listening server.

CMD_SET_CONFIG_COUNTRY en el protocolo Device Debug de TP-Link en enrutador Archer C1200 de TP-Link versiones 1.0.0 Build 20180502 rel.45702 y anteriores, es propensa a un desbordamiento de búfer en la región stack de la memoria, lo que permite a un atacante remoto lograr la ejecución de código o la denegación de servicio mediante el envío de una carga útil diseñada hacia el servidor de escucha.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-07-16 CVE Reserved
  • 2019-07-17 CVE Published
  • 2023-08-26 EPSS Updated
  • 2024-08-04 CVE Updated
  • 2024-08-04 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-787: Out-of-bounds Write
CAPEC
References (1)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Tp-link
Search vendor "Tp-link"
Archer C1200 Firmware
Search vendor "Tp-link" for product "Archer C1200 Firmware"
1.0.0
Search vendor "Tp-link" for product "Archer C1200 Firmware" and version "1.0.0"
170413
Affected
in Tp-link
Search vendor "Tp-link"
Archer C1200
Search vendor "Tp-link" for product "Archer C1200"
--
Safe
Tp-link
Search vendor "Tp-link"
Archer C1200 Firmware
Search vendor "Tp-link" for product "Archer C1200 Firmware"
1.0.0
Search vendor "Tp-link" for product "Archer C1200 Firmware" and version "1.0.0"
180103
Affected
in Tp-link
Search vendor "Tp-link"
Archer C1200
Search vendor "Tp-link" for product "Archer C1200"
--
Safe
Tp-link
Search vendor "Tp-link"
Archer C1200 Firmware
Search vendor "Tp-link" for product "Archer C1200 Firmware"
1.0.0
Search vendor "Tp-link" for product "Archer C1200 Firmware" and version "1.0.0"
180123
Affected
in Tp-link
Search vendor "Tp-link"
Archer C1200
Search vendor "Tp-link" for product "Archer C1200"
--
Safe
Tp-link
Search vendor "Tp-link"
Archer C1200 Firmware
Search vendor "Tp-link" for product "Archer C1200 Firmware"
1.0.0
Search vendor "Tp-link" for product "Archer C1200 Firmware" and version "1.0.0"
20180502
Affected
in Tp-link
Search vendor "Tp-link"
Archer C1200
Search vendor "Tp-link" for product "Archer C1200"
--
Safe