CVE-2018-17008

Name of the Vulnerable Software and Affected Versions TP-Link TL-WR886N versions 6.0 2.3.4 through 7.0 1.1.0

Description An issue allows authenticated attackers to crash router services, including inetd, HTTP, DNS, and UPnP, by sending long JSON data for wireless wlan host 2g power.

Recommendations For TP-Link TL-WR886N versions 6.0 2.3.4 through 7.0 1.1.0, consider restricting access to the wireless configuration API to prevent exploitation. As a temporary workaround, consider disabling the wireless wlan host 2g power configuration option until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.