TP-Link Archer Router Vulnerability Voids Admin Password, Can Allow Remote Takeover

CERT-LatestNews ThreatsCybercrime ThreatsEconomic VulnerabilitiesAdobe VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesCrypto VulnerabilitiesFirmware VulnerabilitiesHardware VulnerabilitiesNetwork
This blog post gives details about a zero-day vulnerability in TP-Link Archer C5 v4 routers that run firmware version 3.16.0 0.9.1 v600c.0 Build 180124 Rel.28919n. The issue has been reported as CVE-2017-7405 and issued patches by TP-Link. Please see links to patches at the end of this post and patch with priority.