CVE-2023-46371

CRITICAL

TP-Link TL-WDR7660 <2.0.30 & TL-WR886N <2.0.12 - Buffer Overflow

Title source: llm

TP-Link device TL-WDR7660 2.0.30 and TL-WR886N 2.0.12 has a stack overflow vulnerability via the function upgradeInfoJsonToBin.

nomisec WORKING POC

by Jianchun-Ding · poc

CVSS v3 9.8

EPSS 0.0101

EPSS Percentile 77.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-787

Status published

Products (1)

tp-link/tl-wdr7660_firmware 2.0.30

Published Oct 25, 2023

Tracked Since Feb 18, 2026