CVE-2020-5797

Summary

UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180125 firmware allows an unauthenticated actor, with physical access and network access, to read sensitive files and write to a limited set of files after plugging a crafted USB drive into the router.

Affected Software

VendorProductVersion RangeStatus
n/aTP-Link Archer C9 A1Archer C9(US)_V1_180125 firmwareaffected

Weaknesses

  • UNIX Symbolic Link (Symlink) Following

ADP Enrichment

CVE Program Container

Additional References

References