Multiple TP-Link TL-WDR7660 Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-48712 CVSS:6.5

In TP-Link TL-WDR7660 1.0, the rtRuleJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities.

CVE-2024-48710 CVSS:6.5

In TP-Link TL-WDR7660 1.0, the wlanTimerRuleJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities.

CVE-2024-48713 CVSS:6.5

In TP-Link TL-WDR7660 1.0, the wacWhitelistJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities.

CVE-2024-48714 CVSS:6.5

In TP-Link TL-WDR7660 v1.0, the guestRuleJsonToBin function handles the parameter string name without checking it, which can lead to stack overflow vulnerabilities.

Impact

Buffer Overflow

Indicators of Compromise

CVE

CVE-2024-48712
CVE-2024-48710
CVE-2024-48713
CVE-2024-48714

Affected Vendors

TP-Link

Affected Products

TP-Link TL-WDR7660 1.0

Remediation

Refer to TP-Link Security Advisory for patch, upgrade, or suggested workaround information.

Multiple D-Link Products Vulnerabilities

FormBook Malware – Active IOCs

Multiple TP-Link TL-WDR7660 Vulnerabilities

Severity

Medium

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan