CVE-2023-30383

Severity Score

7.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Attend

*SSVC

Descriptions

TP-LINK Archer C50v2 Archer C50(US)_V2_160801, TP-LINK Archer C20v1 Archer_C20_V1_150707, and TP-LINK Archer C2v1 Archer_C2_US__V1_170228 were discovered to contain a buffer overflow which may lead to a Denial of Service (DoS) when parsing crafted data.

*Credits: N/A

CVSS Scores

NISTv3.1 7.5

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Attend

Exploitation

None

Automatable

Yes

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2023-04-07 CVE Reserved
2023-07-18 CVE Published
2024-10-22 EPSS Updated
2024-10-28 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CAPEC

References (5)

URL	Tag	Source
http://tplink.com	Product
https://gist.github.com/a2ure123/a4eda2813d85d8b414bb87e855ab4bf8	Third Party Advisory
https://www.tp-link.com/us/support/download/archer-c2/v1/#Firmware	Product
https://www.tp-link.com/us/support/download/archer-c50/v2/#Firmware	Product
https://www.tp-link.com/us/support/download/archer-c50/v2/#Firmware%29%2CTPLINK

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Tp-link Search vendor "Tp-link"	Archer C2 V1 Firmware Search vendor "Tp-link" for product "Archer C2 V1 Firmware"	170228 Search vendor "Tp-link" for product "Archer C2 V1 Firmware" and version "170228"	-	Affected	in	Tp-link Search vendor "Tp-link"	Archer C2 V1 Search vendor "Tp-link" for product "Archer C2 V1"	-	-	Safe
Tp-link Search vendor "Tp-link"	Archer C20 Firmware Search vendor "Tp-link" for product "Archer C20 Firmware"	150707 Search vendor "Tp-link" for product "Archer C20 Firmware" and version "150707"	-	Affected	in	Tp-link Search vendor "Tp-link"	Archer C20 Search vendor "Tp-link" for product "Archer C20"	1 Search vendor "Tp-link" for product "Archer C20" and version "1"	-	Safe
Tp-link Search vendor "Tp-link"	Archer C50 Firmware Search vendor "Tp-link" for product "Archer C50 Firmware"	160801 Search vendor "Tp-link" for product "Archer C50 Firmware" and version "160801"	-	Affected	in	Tp-link Search vendor "Tp-link"	Archer C50 Search vendor "Tp-link" for product "Archer C50"	2 Search vendor "Tp-link" for product "Archer C50" and version "2"	-	Safe