Full router takeover
https://www.bleepingcomputer.com/news/security/tp-link-router-bug-lets-attackers-login-without-passwords/
TP-Link patched a critical vulnerability impacting some of its Archer routers that could allow potential attackers to void their admin passwords and remotely take control of the devices over LAN via a Telnet connection.
"If exploited, this router vulnerability can allow a remote attacker to take control of the router’s configuration via Telnet on the local area network (LAN) and connect to a File Transfer Protocol (FTP) server through the LAN or wide area network (WAN)," found IBM X-Force Red's Grzegorz Wypych.