First published: Fri Aug 05 2022(Updated: )
A stack-based buffer overflow vulnerability exists in the confsrv ucloud_set_node_location functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.
Credit: talos-cna@cisco.com
Affected Software | Affected Version | How to fix |
---|---|---|
Tcl Linkhub Mesh Wifi Ac1200 | =ms1g_00_01.00_14 | |
Tcl Linkhub Mesh Wifi Ac1200 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-26009 is a stack-based buffer overflow vulnerability in the confsrv ucloud_set_node_location function of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14.
The CVE-2022-26009 vulnerability occurs when a specially-crafted network packet is sent to the TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14, triggering a stack-based buffer overflow.
CVE-2022-26009 has a severity rating of 9.8, which is considered critical.
An attacker can exploit the CVE-2022-26009 vulnerability by sending a malicious packet to the TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14 device.
Yes, the TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14 device is vulnerable to CVE-2022-26009.