PT-2019-13448 · Tp Link · Tp-Link Wireless Router Archer Router

Published

2019-07-17

Updated

2020-08-24

CVE-2019-13613

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions TP-Link Wireless Router Archer Router version 1.0.0 Build 20180502 rel.45702 (EU) and earlier

Description The issue is related to a stack-based buffer overflow in the CMD FTEST CONFIG of the TP-Link Device Debug protocol. This allows a remote attacker to achieve code execution or denial of service by sending a crafted payload to the listening server.

Recommendations For TP-Link Wireless Router Archer Router version 1.0.0 Build 20180502 rel.45702 (EU) and earlier, consider disabling the CMD FTEST CONFIG in the TP-Link Device Debug protocol until a patch is available to prevent potential code execution or denial of service attacks.

Exploit

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

CVE-2019-13613

Affected Products

Tp-Link Wireless Router Archer Router

PT-2019-13448 · Tp Link · Tp-Link Wireless Router Archer Router

CVE-2019-13613

Weakness Enumeration

Related Identifiers

Affected Products

References · 3