Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. The issue results from the lack of proper validation of DNS reponses prior to further processing. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the root user. Was ZDI-CAN-9661.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
TP-Link Archer A7 AC1750 输入验证错误漏洞
Vulnerability Description
TP-Link Archer A7 AC1750是中国普联(TP-Link)公司的一款无线路由器。 使用190726 AC1750版本固件的TP-Link Archer A7中对DNS响应的处理存在输入验证错误漏洞,该漏洞源于在进行进一步处理之前,程序没有对DNS响应进行正确的验证。攻击者可利用该漏洞执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A