Remote Code Execution Vulnerabilities Found in TP-Link, NetComm Routers

Sat, 21 Jan 2023 23:25:00 Dan vulnerabilities , router

Two security defects were identified in TP-Link WR710N-V1-151022 and Archer-C5-V2-160201 SOHO (small office/home office) #routers, allowing attackers to execute code, crash devices, or guess login credentials.

Tracked as CVE-2022-4498, the first issue is described as a heap overflow caused by crafted packets received during HTTP basic authentication mode. An attacker could exploit the bug to cause a denial-of-service (DoS) condition or for RCE.

More at https://www.securityweek.com/remote-code-execution-vulnerabilities-found-tp-link-netcomm-routers

About the author

Dan

I'm a long-time user and enthusiast of open source software and espouse the philosophy that software code should be open (readable). So that everyone can see what happens behind the scenes while we use our electronic devices every day.