ZDI-20-335: (Pwn2Own) TP-Link Archer A7 File System Incorrect Permission Assignment for Critical Resource Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of TP-Link Archer A7 AC1750 routers. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the file system. The issue lies in the lack of proper permissions set on the file system. An attacker can leverage this vulnerability to escalate privileges.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| TP-Link Archer A7 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of ZDI-20-335?
The severity of ZDI-20-335 is categorized as a high-severity privilege escalation vulnerability.
How do I fix ZDI-20-335?
To fix ZDI-20-335, you should update the TP-Link Archer A7 router to the latest firmware provided by TP-Link.
Who is affected by ZDI-20-335?
ZDI-20-335 affects users of the TP-Link Archer A7 AC1750 routers who have not applied the latest firmware updates.
What type of attack does ZDI-20-335 involve?
ZDI-20-335 involves a local privilege escalation attack that requires initial low-privileged access to the device.
Is there a way to mitigate ZDI-20-335 before a fix is applied?
Mitigating ZDI-20-335 can be done by restricting physical access to the router and monitoring for unauthorized code execution.
- agent/title
- agent/type
- agent/event
- agent/description
- agent/softwarecombine
- agent/tags
- collector/zdi-advisory
- alias/ZDI-20-335
- alias/ZDI-CAN-9651
- alias/CVE-2020-10883
- agent/software-canonical-lookup-request
- agent/references
- agent/severity
- vendor/tp-link
- canonical/tp-link archer a7 firmware