Vulnerability Description
Buffer overflow in in the copy_msg_element function for the devDiscoverHandle server in the TP-Link WR and WDR series, including WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600, WDR8620, WDR8640, WDR8660, WR880N, WR886N, WR890N, WR890N, WR882N, and WR708N.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tp-Link | Wdr7400 Firmware | - |
| Tp-Link | Wdr7400 | - |
| Tp-Link | Wdr7500 Firmware | - |
| Tp-Link | Wdr7500 | - |
| Tp-Link | Wdr7660 Firmware | - |
| Tp-Link | Wdr7660 | - |
| Tp-Link | Wdr7800 Firmware | - |
| Tp-Link | Wdr7800 | - |
| Tp-Link | Wdr8400 Firmware | - |
| Tp-Link | Wdr8400 | - |
| Tp-Link | Wdr8500 Firmware | - |
| Tp-Link | Wdr8500 | - |
| Tp-Link | Wdr8600 Firmware | - |
| Tp-Link | Wdr8600 | - |
| Tp-Link | Wdr8620 Firmware | - |
| Tp-Link | Wdr8620 | - |
| Tp-Link | Wdr8640 Firmware | - |
| Tp-Link | Wdr8640 | - |
| Tp-Link | Wdr8660 Firmware | - |
| Tp-Link | Wdr8660 | - |
Related Weaknesses (CWE)
References
- https://github.com/peanuts62/TP-Link-pocBroken Link
- https://exchange.xforce.ibmcloud.com/vulnerabilities/192112Third Party Advisory
- https://github.com/peanuts62/TP-Link-pocBroken Link
FAQ
What is CVE-2020-28877?
CVE-2020-28877 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Buffer overflow in in the copy_msg_element function for the devDiscoverHandle server in the TP-Link WR and WDR series, including WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600, WDR8620,...
How severe is CVE-2020-28877?
CVE-2020-28877 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2020-28877?
Check the references section above for vendor advisories and patch information. Affected products include: Tp-Link Wdr7400 Firmware, Tp-Link Wdr7400, Tp-Link Wdr7500 Firmware, Tp-Link Wdr7500, Tp-Link Wdr7660 Firmware.