Arbitrary Code Execution Vulnerability in TP-Link AC1750 Routers
CVE-2022-24353

8.8HIGH

Key Information:

Vendor: Tp-link
Status: Ac1750
Vendor: CVE Published:; 28 March 2023

Summary

This vulnerability affects TP-Link AC1750 routers, specifically the NetUSB.ko module, allowing network-adjacent attackers to execute arbitrary code on devices running affected firmware versions without requiring authentication. The flaw arises from inadequate validation of user-supplied data, potentially resulting in a read beyond the end of an allocated buffer. Successful exploitation could enable attackers to execute code with root user privileges, compromising the integrity of the affected device.

Affected Version(s)

AC1750 1.1.4 Build 20211022 rel.59103(5553)

References

https://www.zerodayinitiative.com/advisories/ZDI-22-263/

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 28, 2023
Vulnerability Reserved
Feb 2, 2022

Credit

Bien Pham (@bienpnn) from Team Orca of Sea Security (security.sea.com)