Severity
High
Analysis Summary
CVE-2024-5227 CVSS:7.5
TP-Link Omada ER605 Routers could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the handling of the username parameter provided to the /usr/bin/pppd endpoint. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of root.
CVE-2024-5228 CVSS:7.5
TP-Link Omada ER605 Routers is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the DNS responses. By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code in the context of root.
CVE-2024-5242 CVSS:7.5
TP-Link Omada ER605 Routers is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the DDNS error codes. By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code on the system.
CVE-2024-5243 CVSS:7.5
TP-Link Omada ER605 Routers is vulnerable to a buffer overflow, caused by improper bounds checking by the DNS names. By sending a specially crafted request, a remote attacker could overflow a buffer and execute arbitrary code in the context of root.
CVE-2024-5244 CVSS:5
TP-Link Omada ER605 Routers could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the cmxddnsd executable. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code in the context of root.
Impact
- Buffer Overflow
- Code Execution
Indicators of Compromise
CVE
- CVE-2024-5227
- CVE-2024-5228
- CVE-2024-5242
- CVE-2024-5243
- CVE-2024-5244
Affected Vendors
Affected Products
- TP-Link Omada ER605
Remediation
Refer to TP-Link Website for patch, upgrade, or suggested workaround information.