CVE-2024-37662

MEDIUM Year: 2024
CVSS v3 Score
6.3
Medium
Weakness Type
CWE-940
View all →

Vulnerability Description

TP-LINK TL-7DR5130 v1.0.23 is vulnerable to TCP DoS or hijacking attacks. An attacker in the same WLAN as the victim can disconnect or hijack the traffic between the victim and any remote server by sending out forged TCP RST messages to evict NAT mappings in the router.

Related Vulnerabilities

CVE-2024-0009

MEDIUM
CVSS:6.3(Medium)

An improper verification vulnerability in the GlobalProtect gateway feature of Palo Alto Networks PAN-OS software enables a malicious user with stolen credentials to establish a VPN connection from an...

CWE-9402024

CVE-2021-41038

MEDIUM
CVSS:6.1(Medium)

In versions of the @theia/plugin-ext component of Eclipse Theia prior to 1.18.0, Webview contents can be hijacked via postMessage().

CWE-9402021

CVE-2023-7004

MEDIUM
CVSS:6.5(Medium)

The TTLock App does not employ proper verification procedures to ensure that it is communicating with the expected device, allowing for connection to a device that spoofs the MAC address of a lock, wh...

CWE-9402023

CVE-2024-40503

MEDIUM
CVSS:6.5(Medium)

An issue in Tenda AX12 v.16.03.49.18_cn+ allows a remote attacker to cause a denial of service via the Routing functionality and ICMP packet handling.

CWE-9402024

CVE-2024-49579

MEDIUM
CVSS:6.1(Medium)

In JetBrains YouTrack before 2024.3.47197 insecure plugin iframe allowed arbitrary JavaScript execution and unauthorized API requests

CWE-9402024

CVE-2025-23018

MEDIUM
CVSS:6.5(Medium)

IPv4-in-IPv6 and IPv6-in-IPv6 tunneling (RFC 2473) do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exp...

CWE-9402025