In the Netcomm and TP-Link routers, vulnerabilities were found in the security system, some of them can be used for remote code execution.
The vulnerabilities of the CVE-2022-4873 and CVE-2022-4874 were discovered in October 2022 by the security researcher Brendan Scarvell. They are associated with the overwhelming of the buffer on the stack and bypassing authentication. Vulnerabilities affect the models of Netcomm NF20, NF20MESH and NL1902 routers with firmware to the R6B035 version. In subsequent versions on the “gap” eliminated.
“These two vulnerabilities, when using them together, allow a remote unauthorized attacker to execute an arbitrary code,” the publication of the Cert Coordination Center says
“an attacker can get unauthorized access to vulnerable devices and threaten the availability, integrity or confidentiality of data transmitted from the internal network. In addition, compromised devices can be used to access other networks,” they added to Cert.
Cert also described in detail two more vulnerabilities that have not yet been eliminated. They affect the routers TP-Link WR710N-V1-151022 and Archer-C5-V2-160201. Vulnerabilities can lead to information disclosure (CVE-2022-4499) and remote code execution (CVE-2022-4498).