POC详情: ab2ffab684167618da8f10ac74ae71fd377adf22

来源
https://github.com/Jianchun-Ding/CVE-poc-update
关联漏洞
标题: TP-Link TL-WDR7660 缓冲区错误漏洞 (CVE-2023-46371)
描述:TP-LINK TL-WDR7660是中国普联(TP-LINK)公司的一款千兆路由器。 TP-Link TL-WDR7660 2.0.30版本存在安全漏洞,该漏洞源于upgradeInfoJsonToBin函数存在堆栈溢出。
描述
CVE-2023-46371 and CVE-2023-46527 update
介绍
# CVE-poc-update
CVE-2023-46371 and CVE-2023-46527 update

`CVE-2023-46371`: A new device is discovered containing the same vulnerability:`CVE-2023-46371` vulnerability was discovered on `TP_WR886N 2.0.12` device.TP-Link device `TL-WDR7660 2.0.30` and `TL-WR886N 2.0.12` have a stack overflow vulnerability via the function upgradeInfoJsonToBin.

`CVE-2023-46527`: A new device is discovered containing the same vulnerability:`CVE-2023-46527` vulnerability was discovered on `TL-WDR7660 2.0.30` device. TP-LINK device `TL-WR886N V7.0_3.0.14_Build_221115_Rel.56908n.bin` and `TL-WDR7660 2.0.30` were discovered to contain a stack overflow via the function bindRequestHandle.
文件快照

 [4.0K]  /data/pocs/ab2ffab684167618da8f10ac74ae71fd377adf22
├── [4.0K]  CVE提交更新
│   ├── [4.0K]  CVE-2023-46371
│   │   ├── [ 504]  CVE-2023-46371.py
│   │   └── [1.4M]  CVE-2023-46371在TP_WR886N_2.0.12上复现.mp4
│   └── [4.0K]  CVE-2023-46527
│       ├── [ 363]  CVE-2023-46527.py
│       └── [1.3M]  CVE-2023-46527在TP_wdr7660_2.0.30复现.mp4
└── [ 673]  README.md

3 directories, 5 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。