Security vulnerabilities have been disclosed in Netcomm and TP-Link routers, some of which could be used to achieve remote code execution.

The flaws, tracked as CVE-2022-4873 and CVE-2022-4874, concern a case of stack-based buffer overflow and authentication bypass. Vulnerabilities impact Netcomm router models NF20MESH, NF20, and NL1902 running firmware versions earlier than R6B035.

Security researchers also detailed two unpatched security vulnerabilities affecting TP-Link routers WR710N-V1-151022 and Archer-C5-V2-160201 that could lead to information disclosure (CVE-2022-4499) and remote code execution (CVE-2022-4498).

Source: securitylab.ru