Buffer Overflow in pppd Vulnerability

Security Advisory
Updated 03-03-2020 12:25:51 PM 18582

TP-Link has been made aware of a buffer overflow vulnerability in the Point-to-Point Protocol Daemon (pppd) discovered by Ilja Van Sprundel. According to the research, a logic flaw in the pppd is the root cause. An unauthenticated attacker may be able to exploit this to trigger a stack-based buffer overflow, which can cause arbitrary code execution.

At TP-Link, customer security comes first. TP-Link is investigating and will keep updating this advisory as more information becomes available. The affected TP-Link products will be updated as soon as possible and the new firmware, with fixed for this issue, will be made available.

If you have concerns about your TP-Link product, please feel free to contact TP-Link Support: https://www.tp-link.com/support/.

For more information about this vulnerability, please refer to: CVE-2020-8597.

Updates:

2020-03-03 Published Advisory

 

Is this faq useful?

Your feedback helps improve this site.