TP-Link TL-WR902AC(US)_V3_191209 routers were discovered to contain a stack overflow in the function DM_ Fillobjbystr(). This vulnerability allows unauthenticated attackers to execute arbitrary code.
https://github.com/EPhaha/IOT_vuln/tree/main/TP-Link/TL-WR902AC