CVE-2020-10883: (Pwn2Own) TP-Link Archer A7 File System Incorrect Permission Assignment for Critical Resource Privilege Escalation Vulnerability
First published: Wed Mar 25 2020(Updated: )
Credit: zdi-disclosures@trendmicro.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| TP-Link Archer A7 | ||
| Tp-link Ac1750 Firmware | =190726 | |
| TP-Link AC1750 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2020-10883.
What is the severity of CVE-2020-10883?
The severity of CVE-2020-10883 is high with a score of 7.8.
What is the affected software of CVE-2020-10883?
The affected software of CVE-2020-10883 is TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers.
How can an attacker exploit CVE-2020-10883?
An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
Are there any known fixes for CVE-2020-10883?
Always keep your router firmware up to date to mitigate the risk of this vulnerability.
- collector/zdi-advisory
- alias/ZDI-20-335
- alias/ZDI-CAN-9651
- alias/CVE-2020-10883
- collector/nvd-index
- vendor/tp-link
- canonical/tp-link archer a7
- canonical/tp-link ac1750 firmware
- version/tp-link ac1750 firmware/190726
- canonical/tp-link ac1750