CVE-2021-27245

Name of the Vulnerable Software and Affected Versions: TP-Link Archer A7 versions prior to Archer C7(US) V5 210125 and Archer A7(US) V5 200220

Description: This issue allows for a firewall bypass on affected installations. It does not require authentication to exploit. The flaw exists within the handling of IPv6 connections, specifically due to the lack of proper filtering of IPv6 SSH connections. An attacker can leverage this, potentially in conjunction with other issues, to execute code in the context of root.

Recommendations: For TP-Link Archer A7 versions prior to Archer C7(US) V5 210125 and Archer A7(US) V5 200220, update to a version that includes the necessary security patches to address the firewall bypass issue. As a temporary workaround, consider restricting IPv6 SSH connections to minimize the risk of exploitation.