CVE-2020-8423

Name of the Vulnerable Software and Affected Versions: TP-Link TL-WR841N version 3.16.9

Description: A buffer overflow in the httpd daemon allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the configuration of the Wi-Fi network. The issue is related to a lack of size checking for input data, which can be exploited by a remote attacker to gain unauthorized access.

Recommendations: For TP-Link TL-WR841N version 3.16.9, consider restricting access to the httpd daemon or the Wi-Fi network configuration page as a temporary workaround until a patch is available. Avoid using the vulnerable firmware version until an update is released. At the moment, there is no information about a newer version that contains a fix for this vulnerability.