CVE-2021-44628

Name of the Vulnerable Software and Affected Versions TP-LINK WR-886N version 2.3.8

Description A Buffer Overflow issue exists in the /cloud config/router post/login feature, allowing malicious users to execute arbitrary code on the system via a crafted post request. This is caused by a stack-based buffer overflow in the router post/login function of the TP-LINK WR-886N router's firmware. Exploitation of this issue may allow a remote attacker to execute arbitrary code using a specially formed request.

Recommendations For TP-LINK WR-886N version 2.3.8, as a temporary workaround, consider disabling the /cloud config/router post/login feature until a patch is available. Restrict access to this feature to minimize the risk of exploitation. Avoid using the /cloud config/router post/login endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.