CVE-2021-44625

Name of the Vulnerable Software and Affected Versions TP-LINK WR-886N version 20190826 2.3.8

Description A Buffer Overflow issue exists in the /cloud config/cloud device/info interface, allowing a malicious user to execute arbitrary code on the system via a crafted post request. This is caused by a stack-based buffer overflow in the cloud device/info function of the router's firmware. Exploitation of this issue may allow a remote attacker to execute arbitrary code using a specially formed request.

Recommendations For TP-LINK WR-886N version 20190826 2.3.8, as a temporary workaround, consider disabling access to the /cloud config/cloud device/info interface until a patch is available. Restrict access to this interface to minimize the risk of exploitation. Avoid using this interface until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.