Rewterz Threat Alert – Oski Data Stealer Malware – Active IOCs
January 17, 2022Rewterz Threat Alert – Qakbot (Qbot) Malware – Active IOCs
January 18, 2022Rewterz Threat Alert – Oski Data Stealer Malware – Active IOCs
January 17, 2022Rewterz Threat Alert – Qakbot (Qbot) Malware – Active IOCs
January 18, 2022Severity
High
Analysis Summary
CVE-2021-35003
TP-Link Archer C90 routers are vulnerable to a stack-based buffer overflow, caused by improper bounds checking when handling of DNS responses. By sending a specially-crafted request, a remote attacker could overflow a buffer and execute arbitrary code in the context of root.
CVE-2021-35004
TP-Link TL-WA1201 wireless access points are vulnerable to a stack-based buffer overflow, caused by improper bounds checking when handling of DNS responses. By sending a specially-crafted request, a remote attacker could overflow a buffer and execute arbitrary code in the context of root.
Impact
- Buffer Overflow
Affected Vendors
TP-Link
Affected Products
- TP-Link Archer C90
- TP-Link TL-WA1201
Remediation
Refer to TP-Link Advisory for patch, upgrade, or suggested workaround information.