CVE-2021-44630

Name of the Vulnerable Software and Affected Versions TP-LINK WR-886N version 2.3.8

Description A Buffer Overflow issue exists in the /cloud config/router post/modify account pwd feature, allowing malicious users to execute arbitrary code on the system via a crafted post request. This is caused by a buffer overflow on the stack, which can be exploited by a remote attacker using a specially formed request.

Recommendations For TP-LINK WR-886N version 2.3.8, as a temporary workaround, consider disabling the /cloud config/router post/modify account pwd feature until a patch is available. Restrict access to this feature to minimize the risk of exploitation. Avoid using the /cloud config/router post/modify account pwd endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.