Buffer Overflow Vulnerability in TP-LINK WR-886N Router
CVE-2021-44631

9.8CRITICAL

Key Information:

Vendor: Tp-link
Status: Tl-wr886n Firmware
Vendor: CVE Published:; 10 March 2022

Summary

A buffer overflow vulnerability found in the TP-LINK WR-886N router, specifically in the /cloud_config/router_post/reset_cloud_pwd feature, could allow malicious actors to execute arbitrary code on the device. This vulnerability arises when the system processes crafted POST requests, potentially compromising the router's integrity and the security of connected networks. Users should ensure their devices are updated to prevent exploitation of this weakness.

References

https://github.com/Yu3H0/IoT_CVE/tree/main/886N/resetClou...

x_refsource_MISC

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 10, 2022
Vulnerability Reserved
Dec 6, 2021