CVE-2021-3125
Published Apr 12, 2021
Last updated 4 years ago
Overview
- Description
- In TP-Link TL-XDR3230 < 1.0.12, TL-XDR1850 < 1.0.9, TL-XDR1860 < 1.0.14, TL-XDR3250 < 1.0.2, TL-XDR6060 Turbo < 1.1.8, TL-XDR5430 < 1.0.11, and possibly others, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. This occurs when a link prefix route points to a point-to-point link, a destination IPv6 address belongs to the prefix and is not a local IPv6 address, and a router advertisement is received with at least one global unique IPv6 prefix for which the on-link flag is set.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-834
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tl-xdr3230:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "0F2F0B3B-F393-4667-B579-FF7E53494A8C"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tl-xdr3230_firmware:*:*:*:*:*:easy_exhibition_turbo:*:*",
"vulnerable": true,
"matchCriteriaId": "A0D17DEE-C4E7-478E-B70E-CDE2F775C8C7",
"versionEndExcluding": "1.0.12"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tl-xdr5430:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "DB818559-2DD9-41FF-8160-33E59516F061"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tl-xdr5430_firmware:*:*:*:*:*:easy_exhibition:*:*",
"vulnerable": true,
"matchCriteriaId": "9748491C-2C0F-4C87-94BA-4D01F5B334AC",
"versionEndExcluding": "1.0.11"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tl-xdr3250:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "36FE5CF6-4941-4E9E-8584-E9BA6BA73D72"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tl-xdr3250_firmware:*:*:*:*:*:easy_exhibition:*:*",
"vulnerable": true,
"matchCriteriaId": "3DB26B3D-F802-429D-B303-00F1ECF085AC",
"versionEndExcluding": "1.0.2"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tl-xdr1860:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "37F81B38-9711-4748-A8C4-B65F0FB94AD8"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tl-xdr1860_firmware:*:*:*:*:*:easy_exhibition:*:*",
"vulnerable": true,
"matchCriteriaId": "8B1FC40F-5F0A-458D-B00D-BF933BA0136C",
"versionEndExcluding": "1.0.14"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tl-xdr1850:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D4DAC6CF-72E8-47A4-9803-80171D5E0055"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tl-xdr1850_firmware:*:*:*:*:*:easy_exhibition:*:*",
"vulnerable": true,
"matchCriteriaId": "3897116B-E78E-40B1-986B-24456237B852",
"versionEndExcluding": "1.0.9"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:tp-link:tl-xdr6060:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "F2A60FB6-25AC-4443-AA29-8E13944E3F8A"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:tp-link:tl-xdr6060_firmware:*:*:*:*:*:easy_exhibition:*:*",
"vulnerable": true,
"matchCriteriaId": "315B5D50-DB9F-476D-8F16-1F51ED6AC143",
"versionEndExcluding": "1.1.8"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]