PT-2023-2326 · Tp Link · Tp-Link Archer C20

Published: 2023-03-24 · Updated: 2025-11-15 · CVE-2023-28760

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

TP-Link Archer AX20 (AX1800) and Archer AX21 versions prior to a fix
TP-Link Archer AX1800 WiFi 6 Router versions prior to a fix
TP-Link Archer AX21 versions prior to a fix

Description

The MiniDLNA service in TP-Link Archer AX20 (AX1800) and Archer AX21 routers contains a stack-based buffer overflow in the upnpsoap.c file. This issue allows unauthenticated attackers on the local area network (LAN) to execute arbitrary code as root. Exploitation involves modifying the files.db file and leveraging the buffer overflow. A USB flash drive connected to the router is required for successful exploitation. The vulnerability resides in the handling of the db dir field within the MiniDLNA service.

Recommendations

For TP-Link Archer AX20 (AX1800) versions prior to a fix, update to a newer version that addresses this vulnerability. For TP-Link Archer AX21 versions prior to a fix, update to a newer version that addresses this vulnerability. For TP-Link Archer AX1800 WiFi 6 Router versions prior to a fix, update to a newer version that addresses this vulnerability.

Exploit

Fix

RCE

Stack Overflow

Weakness Enumeration

Related Identifiers

BDU:2023-02091
CVE-2023-28760

Affected Products

Tp-Link Archer C20