Request a Demo
Rewterz
Rewterz Threat Alert – Oski Data Stealer Malware – Active IOCs
January 17, 2022
Rewterz
Rewterz Threat Alert – Qakbot (Qbot) Malware – Active IOCs
January 18, 2022

Rewterz Threat Advisory – TP-Link Archer C90 routers and TL-WA1201 wireless access points

Severity

High

Analysis Summary

CVE-2021-35003 

TP-Link Archer C90 routers are vulnerable to a stack-based buffer overflow, caused by improper bounds checking when handling of DNS responses. By sending a specially-crafted request, a remote attacker could overflow a buffer and execute arbitrary code in the context of root.

CVE-2021-35004 

TP-Link TL-WA1201 wireless access points are vulnerable to a stack-based buffer overflow, caused by improper bounds checking when handling of DNS responses. By sending a specially-crafted request, a remote attacker could overflow a buffer and execute arbitrary code in the context of root.

Impact

  • Buffer Overflow

Affected Vendors

TP-Link

Affected Products

  • TP-Link Archer C90
  • TP-Link TL-WA1201

Remediation

Refer to TP-Link Advisory for patch, upgrade, or suggested workaround information.

https://www.tp-link.com/us/