CVE-2018-17005

Name of the Vulnerable Software and Affected Versions TP-Link TL-WR886N versions 6.0 2.3.4 through 7.0 1.1.0

Description An issue allows authenticated attackers to crash router services, including inetd, HTTP, DNS, and UPnP, by sending long JSON data for firewall DMZ enable.

Recommendations For TP-Link TL-WR886N versions 6.0 2.3.4 through 7.0 1.1.0, consider restricting access to the JSON data handling functionality for the firewall DMZ enable feature until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.