PT-2020-17050 · Tp Link · Tp-Link Wdr Series

Published

2020-11-20

Updated

2020-12-09

CVE-2020-28877

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions TP-Link WR and WDR series versions (including WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600, WDR8620, WDR8640, WDR8660, WR880N, WR886N, WR890N, WR882N, and WR708N)

Description The issue is a buffer overflow in the copy msg element function for the devDiscoverHandle server. This affects the TP-Link WR and WDR series, including various models such as WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600, WDR8620, WDR8640, WDR8660, WR880N, WR886N, WR890N, WR882N, and WR708N. The copy msg element function is vulnerable, and the devDiscoverHandle server is the affected component.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2020-28877

Affected Products

Tp-Link Wdr Series

PT-2020-17050 · Tp Link · Tp-Link Wdr Series

CVE-2020-28877

Weakness Enumeration

Related Identifiers

Affected Products

References · 7