Internet

One of TP-Link’s best-selling routers can be hacked

The well-known manufacturer TP-Link once again suffers from a new security vulnerability, in this case the affected one is one of its best-selling routers, both domestically and also to WISP operators in Spain and other parts of the world. The affected model is the popular TP-Link TL-WR841 with different hardware versions, and it is that a security researcher has discovered a serious vulnerability that would allow an external attacker to be able to execute random commands, that is, gain total control of the router. Next, we explain all the details of this serious security flaw.

What is this vulnerability?

The vulnerability consists of a “buffer overflow”, that is, buffer overflow. The affected component is the httpd service of the router itself TP-Link TL-WR841N V12, although router versions V11 and V10 are also affected, later we will detail all the affected models as well as the affected firmware versions. This security flaw discovered by a security researcher allows an authenticated remote attacker to execute arbitrary code via an HTTP GET request to the Wi-Fi network tools page, i.e. the “System Tools” menu of the firmware of the device. router.

This security flaw has a high criticality of 8.8/10, it has been assigned an identifier CVE-2022-30024 where you can see all the details of this vulnerability in TP-Link routers.

Models affected by the bug

Manufacturers like TP-Link usually add different hardware components to their routers, changing the hardware version of the equipment, without having to change the model name. In this case, the models vulnerable to this security flaw are the following:

  • TL-WR841 V12
  • TL-WR841 V11
  • TL-WR841 V10

If you have this TL-WR841 model and it matches the hardware version, you will need to check the firmware version you are currently using. If you are using the following firmware versions, you are affected by this bug:

  • TL-WR841N(EU)_V12_160624
  • TL-WR841N(EU)_V11_160325
  • TL-WR841N_V11_150616
  • TL-WR841N_V10_150310

Another vulnerability in the TL-WR940N router

The manufacturer has also suffered from a significant vulnerability in the router TL-WR940N, another top seller for home users who need a simple router and also for WISP operators. In this case, the security flaw is that there is a security flaw that would allow arbitrary code to be executed by a user connected via cable or WiFi, that is, anyone connected to the router could execute code in the router, in addition, it is not necessary to authenticate on the router to do it.

The problem is due to improper validation of the length of the user-supplied data before copying it into a stack-type fixed-length buffer, an attacker could execute any type of code in this scenario.

The firmware version affected by this serious security flaw is the TP-Link TL-WR940N 3.20.1 Build 200316so if you have this version or lower, update your router as soon as possible to avoid security problems.

As you can see, in recent times the manufacturer TP-Link has not stopped having serious security flaws in its most popular routers.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *