Vulnerability Description
TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attackers to cause a denial of service via a crafted HTTP Header containing an unexpected Referer field.
CVSS Score
7.5
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tp-Link | Archer C50 | build_170822 |
| Tp-Link | Archer C5 | v3 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/156928/TP-Link-Archer-C50-V3-Denial-of-ServExploitThird Party Advisory
- https://thewhiteh4t.github.io/2020/02/27/CVE-2020-9375-TP-Link-Archer-C50-v3-DenExploitThird Party Advisory
- https://thewhiteh4t.github.io/blog/cve-2020-9375-tplink/
- https://www.tp-link.com/in/support/download/archer-c50/v3/#FirmwareRelease NotesVendor Advisory
- http://packetstormsecurity.com/files/156928/TP-Link-Archer-C50-V3-Denial-of-ServExploitThird Party Advisory
- https://thewhiteh4t.github.io/2020/02/27/CVE-2020-9375-TP-Link-Archer-C50-v3-DenExploitThird Party Advisory
- https://www.tp-link.com/in/support/download/archer-c50/v3/#FirmwareRelease NotesVendor Advisory
FAQ
What is CVE-2020-9375?
CVE-2020-9375 is a vulnerability with a CVSS score of 7.5 (HIGH). TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attackers to cause a denial of service via a crafted HTTP Header containing an unexpected Referer field.
How severe is CVE-2020-9375?
CVE-2020-9375 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-9375?
Check the references section above for vendor advisories and patch information. Affected products include: Tp-Link Archer C50, Tp-Link Archer C5.