CVE-2023-28760
TP-Link Archer AX20 (AX1800) and AX21 routers are affected. The vulnerability resides in the MiniDLNA service (minidlnad) handling of the db_dir field, allowing unauthenticated, LAN-adjacent attackers to modify files.db and trigger a stack-based buffer overflow in minidlna-1.1.2/upnpsoap.c, resul...