CVE-2020-9375 PoC — TP-Link Archer C50 Security Vulnerability

Associated Vulnerability
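Title: TP-Link Archer C50 Security Vulnerability (CVE-2020-9375)
Description: TP-Link Archer C50 is a wireless router from the Chinese company TP-Link. A security vulnerability exists in TP-Link Archer C50 V3 versions before Build 200318 Rel. 62209. A remote attacker can exploit this vulnerability to cause a denial of service by means of an HTTP header with an illegal Referer field.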
Description
TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allow remote attackers to cause a denial of service via a crafted HTTP header containing an unexpected Referer field.
Readme
# CVE-2020-9375
TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allow remote attackers to cause a denial of service via a crafted HTTP header containing an unexpected Referer field.

* **Exploit Title** : TP-Link Archer C50 v3 Denial of Service
* **Date** : 25-01-2020
* **Exploit Author** : thewhiteh4t
* **Vendor Homepage** : https://www.tp-link.com/
* **Version** : TP-Link Archer C50 v3 Build 171227
* **Tested on** : Arch Linux x64
* **CVE** : CVE-2020-9375

## Links

* **Blog** : https://thewhiteh4t.github.io/2020/02/27/CVE-2020-9375-TP-Link-Archer-C50-v3-Denial-of-Service.html
* **MITRE** : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9375
* **NVD** : https://nvd.nist.gov/vuln/detail/CVE-2020-9375
* **Exploit-DB** : https://www.exploit-db.com/exploits/48255
* **Packet Storm** : https://packetstormsecurity.com/files/156928/TP-Link-Archer-C50-V3-Denial-of-Service.html

## Proof of Concept

**YouTube** : https://www.youtube.com/watch?v=S37_gZVx3s4
File Snapshot

[4.0K] /data/pocs/10030214f87cd76a7e76986f217123024b99eaeb
├── [1.3K] exploit.py
└── [ 987] README.md

0 directories, 2 files