CVE-2023-33538

Name of the Vulnerable Software and Affected Versions TP-Link TL-WR940N V2/V4 TP-Link TL-WR841N V8/V10 TP-Link TL-WR740N V1/V2

Description Multiple wireless routers contain a command injection flaw that allows a remote attacker to execute arbitrary system commands or cause a denial of service. The issue stems from flawed input validation in the wirelessConfigUpdate() function, where unsanitized data can be injected through the ssid1 parameter via a specially crafted HTTP GET request to the endpoint '/userRpm/WlanNetworkRpm'. This flaw has been actively exploited in the real world, with attackers using automated scans to deploy Mirai-style botnet binaries to compromised devices.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.