CVE-2019-13651

Name of the Vulnerable Software and Affected Versions TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n

Description The issue is related to the implementation of the NAT Port Mapping Protocol (NAT-PMP) in the TP-Link M7350 router's firmware, which fails to neutralize special elements used in an operating system command. This can be exploited by a remote attacker to execute arbitrary commands.

Recommendations For TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n, consider disabling the NAT-PMP protocol as a temporary workaround until a patch is available. Restrict access to the device to minimize the risk of exploitation.