AI description
CVE-2024-5242 is a stack-based buffer overflow vulnerability impacting TP-Link Omada ER605 routers. This flaw enables network-adjacent attackers to execute arbitrary code on affected devices without requiring authentication. However, this vulnerability is only exploitable if the router is configured to utilize the Comexe DDNS service. The root cause of the vulnerability lies within the router's handling of DDNS error codes. Specifically, there is a lack of proper validation for the length of user-supplied data before it is copied into a fixed-length stack-based buffer. An attacker can leverage this oversight to execute code with root privileges.
- Description: TP-Link Omada ER605 Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are vulnerable only if configured to use the Comexe DDNS service. The specific flaw exists within the handling of DDNS error codes. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-22522.
- Source: zdi-disclosures@trendmicro.com
- NVD status: Analyzed
- Products: omada_er605_firmware
CVSS 3.1
- Type: Primary
- Base score: 7.5
- Impact score: 5.9
- Exploitability score: 1.6
- Vector string: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity: HIGH
CVSS 3.0
- Type: Secondary
- Base score: 7.5
- Impact score: 5.9
- Exploitability score: 1.6
- Vector string: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity: HIGH
- zdi-disclosures@trendmicro.com: CWE-121
- Hype score: Not currently trending
TP-Link ER605 DDNS Pre-Auth RCE: Chaining CVE-2024-5242, CVE-2024-5243, CVE-2024-5244: https://t.co/STrsh8TmK4 #exploit #vulnerability #rce #informationsecurity #cybersecurity #infosec https://t.co/RulxemI2kQ
@blackstormsecbr
8 Feb 2026
Technical analysis of the TP-Link ER605 Pre-Auth RCE exploit chain by @yibarrack. This writeup documents the reproduction of CVE-2024-5242, 5243, and 5244, detailing a 2-stage exploitation process to bypass ASLR on MIPS32 LE. Full report: https://t.co/Wg9wz459e7
@oobs_io
6 Feb 2026
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:tp-link:omada_er605_firmware:2.2.2:build_20231017:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F8375DF-D256-4A9B-9D14-0D5E56394573"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:tp-link:omada_er605:2.6:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "28A4EAC7-4D17-4837-8459-3A54F805BD0D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]