CVE-2021-44622

Name of the Vulnerable Software and Affected Versions TP-LINK WR-886N version 20190826 2.3.8

Description A Buffer Overflow issue exists in the /cloud config/router post/check reg verify code function, which could allow a remote malicious user to execute arbitrary code via a crafted post request. This is caused by a stack-based buffer overflow in the router's firmware. Exploitation of this issue may permit a remote attacker to execute arbitrary code using a specially formed request.

Recommendations For TP-LINK WR-886N version 20190826 2.3.8, as a temporary workaround, consider disabling the check reg verify code function until a patch is available. Restrict access to the /cloud config/router post/check reg verify code endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.