TP-Link AX1800 Dual-Band Wi-Fi 6 Router Remote Code Execution

Description

A memory corruption vulnerability in the TP-Link AX1800 WiFi 6 Router (Archer AX20) allows attackers to exploit a stack-based buffer overflow in the MiniDLNA service through a specially crafted database file. Attackers with access via Samba or FTP can upload a malicious .TPDLNA/files.db database file to trigger remote code execution on the router.