0-day vulnerability in TP-Link SR20 router

There is a 0-day vulnerability in the TP-Link SR20 SmartHome router that enables arbitrary code execution (ACE).


The vulnerability was exposed by Matthew Garrett, Google security researcher. The 0-day (ACE) vulnerability in the TP-Link SR20 Smart Home Router allows potential attackers to execute arbitrary commands on the same network. Here the tweet with the mention.

The disclosure was made after TP-Link did not move 90 days after the vulnerability was reported. In the meantime, an advisory on the subject has appeared on coresecurity.com. Garrett has published details here – Bleeping Computer has an article on the subject here.

Cookies helps to fund this blog: Cookie settings

This entry was posted in Security and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *