Buffer Overflow Vulnerability in TP-Link Router Firmware
CVE-2021-29302

8.1HIGH

Key Information:

Vendor
Tp-link
Status
Tl-wr802n Firmware
Vendor
CVE Published:
12 April 2021

Summary

The TP-Link TL-WR802N and Archer_C50v5 routers are susceptible to a buffer overflow vulnerability in the httpd process. Attackers can exploit this vulnerability by sending specially crafted messages over the network, which may allow them to gain shell access to the router, ultimately leading to remote code execution. It is crucial for users of these models to apply the necessary firmware updates to secure their devices against potential threats.

References

https://github.com/liyansong2018/CVE/tree/main/2021/CVE-2...
x_refsource_MISC
https://static.tp-link.com/beta/2021/202103/20210319/TL-W...
x_refsource_MISC
https://www.tp-link.com/us/support/download/tl-wr802n/#Fi...
x_refsource_MISC

EPSS Score

6% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.