CVE-2020-5795

Name of the Vulnerable Software and Affected Versions TP-Link Archer A7(US) version V5 200721

Description The issue allows an authenticated admin user, with physical access and network access, to execute arbitrary code after plugging a crafted USB drive into the router. This is due to a UNIX Symbolic Link (Symlink) Following vulnerability.

Recommendations For TP-Link Archer A7(US) version V5 200721, as a temporary workaround, consider restricting physical and network access to the router until a patch is available. Avoid using crafted USB drives on the affected router to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.