Lucene search
Pedro Ribeiro and Radek Domanski of Team FlashbackZDI-20-334HistoryMar 25, 2020 - 12:00 a.m.
(Pwn2Own) TP-Link Archer A7 tdpServer Command Injection Remote Code Execution Vulnerability
2020-03-2500:00:00
Pedro Ribeiro and Radek Domanski of Team Flashback
www.zerodayinitiative.com
29
0.002 Low
EPSS
Percentile
57.4%
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tdpServer service, which listens on UDP port 20002 by default. When parsing the slave_mac parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the root user.
Related
cvelist
cvelist
CVE-2020-10882
2020-03-25 19:15:23
CVE-2020-28347
2020-11-08 20:00:39
nvd
nvd
CVE-2020-10882
2020-03-25 21:15:11
CVE-2020-28347
2020-11-08 20:15:11
cve
cve
CVE-2020-10882
2020-03-25 21:15:11
CVE-2020-28347
2020-11-08 20:15:11
prion
prion
Design/Logic Flaw
2020-03-25 21:15:00
Code injection
2020-11-08 20:15:00
checkpoint_advisories
checkpoint_advisories
zdt
zdt
TP-Link Archer A7/C7 Unauthenticated LAN Remote Code Execution Exploit
2020-04-16 00:00:00
packetstorm
packetstorm
TP-Link Archer A7/C7 Unauthenticated LAN Remote Code Execution
2020-04-15 00:00:00