CVE-2023-48724

Name of the Vulnerable Software and Affected Versions Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) version 5.1.0 Build 20220926

Description A memory corruption vulnerability exists in the web interface functionality, allowing an attacker to send an unauthenticated HTTP POST request to trigger this issue, leading to denial of service of the device's web interface. The vulnerability can be exploited by sending a specially crafted HTTP POST request.

Recommendations For Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) version 5.1.0 Build 20220926, as a temporary workaround, consider restricting access to the web interface until a patch is available. Avoid using the web interface functionality until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.