Vulnerability Details : CVE-2020-10883
Public exploit exists!
This vulnerability allows local attackers to escalate privileges on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the file system. The issue lies in the lack of proper permissions set on the file system. An attacker can leverage this vulnerability to escalate privileges. Was ZDI-CAN-9651.
Products affected by CVE-2020-10883
- cpe:2.3:o:tp-link:ac1750_firmware:190726:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-10883
0.05%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 14 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2020-10883
-
TP-Link Archer A7/C7 Unauthenticated LAN Remote Code Execution
Disclosure Date: 2020-03-25First seen: 2020-04-26exploit/linux/misc/tplink_archer_a7_c7_lan_rceThis module exploits a command injection vulnerability in the tdpServer daemon (/usr/bin/tdpServer), running on the router TP-Link Archer A7/C7 (AC1750), hardware version 5, MIPS Architecture, firmware version 190726. The vulnerability can only be exploited by an attac
CVSS scores for CVE-2020-10883
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.6
|
MEDIUM | AV:L/AC:L/Au:N/C:P/I:P/A:P |
3.9
|
6.4
|
NIST | |
5.3
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L |
1.8
|
3.4
|
Zero Day Initiative | |
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2020-10883
-
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.Assigned by:
- nvd@nist.gov (Primary)
- zdi-disclosures@trendmicro.com (Secondary)
References for CVE-2020-10883
-
https://www.zerodayinitiative.com/advisories/ZDI-20-335/
ZDI-20-335 | Zero Day InitiativeThird Party Advisory;VDB Entry
-
http://packetstormsecurity.com/files/157255/TP-Link-Archer-A7-C7-Unauthenticated-LAN-Remote-Code-Execution.html
TP-Link Archer A7/C7 Unauthenticated LAN Remote Code Execution ≈ Packet StormExploit;Third Party Advisory;VDB Entry
Jump to