C10Uds

**Name of the Vulnerable Software and Affected Versions** TPLINK TL-WPA 8630 version 2.0.4 Build 20230427 **Description** An issue allows a remote attacker to execute arbitrary code via the function `sub 4256CC()`, which allows command injection by injecting the `devpwd` variable. **Recommendations** For TPLINK TL-WPA 8630 version 2.0.4 Build 20230427, consider restricting access to the `sub 4256CC()` function to minimize the risk of exploitation. Avoid using the `devpwd` variable in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.