CVE-2020-28877

Published: Nov 20, 2020Modified: Jun 17, 2026

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Buffer overflow in in the copy_msg_element function for the devDiscoverHandle server in the TP-Link WR and WDR series, including WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600, WDR8620, WDR8640, WDR8660, WR880N, WR886N, WR890N, WR890N, WR882N, and WR708N.

Affected (15)

Products: Tp Link: Wdr7400 Firmware, Wdr7500 Firmware, Wdr7660 Firmware, Wdr7800 Firmware, Wdr8400 Firmware, Wdr8500 Firmware, Wdr8600 Firmware, Wdr8620 Firmware, Wdr8640 Firmware, Wdr8660 Firmware, Wr880n Firmware, Wr886n Firmware, Wr890n Firmware, Wr882n Firmware, Wr708n Firmware

15 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Tp Link Wdr7400 Firmware	All versions

Running on/with	Platform Versions
Tp Link Wdr7400	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Tp Link Wdr7500 Firmware	All versions

Running on/with	Platform Versions
Tp Link Wdr7500	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Tp Link Wdr7660 Firmware	All versions

Running on/with	Platform Versions
Tp Link Wdr7660	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Tp Link Wdr7800 Firmware	All versions

Running on/with	Platform Versions
Tp Link Wdr7800	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Tp Link Wdr8400 Firmware	All versions

Running on/with	Platform Versions
Tp Link Wdr8400	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Tp Link Wdr8500 Firmware	All versions

Running on/with	Platform Versions
Tp Link Wdr8500	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Tp Link Wdr8600 Firmware	All versions

Running on/with	Platform Versions
Tp Link Wdr8600	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Tp Link Wdr8620 Firmware	All versions

Running on/with	Platform Versions
Tp Link Wdr8620	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Tp Link Wdr8640 Firmware	All versions

Running on/with	Platform Versions
Tp Link Wdr8640	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Tp Link Wdr8660 Firmware	All versions

Running on/with	Platform Versions
Tp Link Wdr8660	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Tp Link Wr880n Firmware	All versions

Running on/with	Platform Versions
Tp Link Wr880n	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Tp Link Wr886n Firmware	All versions

Running on/with	Platform Versions
Tp Link Wr886n	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Tp Link Wr890n Firmware	All versions

Running on/with	Platform Versions
Tp Link Wr890n	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Tp Link Wr882n Firmware	All versions

Running on/with	Platform Versions
Tp Link Wr882n	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Tp Link Wr708n Firmware	All versions

Running on/with	Platform Versions
Tp Link Wr708n	All versions

Related CWEs

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

References (3)

https://github.com/peanuts62/TP-Link-poc

Source: cve@mitre.org

Broken Link

https://exchange.xforce.ibmcloud.com/vulnerabilities/192112

Source: nvd@nist.gov

Third Party Advisory

https://github.com/peanuts62/TP-Link-poc

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

Timeline

No history available yet.