Vulnerability CVE-2022-48194


Published: 2022-12-30

Description:
TP-Link TL-WR902AC devices through V3 0.9.1 allow remote authenticated attackers to execute arbitrary code or cause a Denial of Service (DoS) by uploading a crafted firmware update because the signature check is inadequate.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
TP-Link TL-WR902AC firmware 210730 (V3) Remote Code Execution (RCE) (Authenticated)
Tobias Müller
03.04.2023

 References:
https://github.com/otsmr/internet-of-vulnerable-things/tree/main/exploits

Copyright 2024, cxsecurity.com

 

Back to Top