CVE-2022-49134: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-49134 is a command execution vulnerability that exists in the tddpd enabletestmode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point (EAP115 V4) v5.0.4 Build 20220216. The vulnerability was discovered in 2022 and affects specific TP-Link access point models (CERT-FR).

The vulnerability allows an attacker to execute arbitrary commands through specially crafted network requests. Specifically, this vulnerability impacts the uclited service on the EAP115(V4) 5.0.4 Build 20220216 of the N300 Wireless Gigabit Access Point. An attacker can trigger this vulnerability by sending a sequence of unauthenticated packets to the affected device (CERT-FR).

The vulnerability allows remote attackers to execute arbitrary commands on affected devices without requiring authentication. This could potentially lead to complete compromise of the affected access points, allowing attackers to gain unauthorized control over the device (CERT-FR).

The affected devices should be updated to the latest firmware versions provided by TP-Link. Organizations using the affected access points should ensure their devices are running the most recent firmware to protect against this vulnerability (CERT-FR).