passwd_recovery.lua on the TP-Link Archer C9(UN)_V2_160517 allows an attacker to reset the admin password by leveraging a predictable random number generator seed. This is fixed in C9(UN)_V2_170511.
CPE | Name | Operator | Version |
---|---|---|---|
archer_c9_\\(2.0\\)_firmware | eq | 160517 |