CVE-2022-46432

Name of the Vulnerable Software and Affected Versions TP-Link TL-WR743ND V1 versions prior to 3.12.20

Description An exploitable firmware modification vulnerability was discovered, allowing an attacker to conduct a Man-in-the-Middle (MITM) attack to modify the user-uploaded firmware image and bypass the CRC check. This enables attackers to execute arbitrary code or cause a Denial of Service (DoS).

Recommendations For versions prior to 3.12.20, update to a version later than 3.12.20 to resolve the issue. As a temporary workaround, consider restricting access to the firmware update process to minimize the risk of exploitation. Avoid using unsecured networks for firmware updates until the issue is resolved.