Category: General|Dec 21, 2019 | Author: Admin

Buffer Overflow Exploit Discovered That Overwrites Admin Password of TP-Link Archer Routers

Share on

A serious security bug affected numerous TP-Link routers. The vulnerability in TP-Link Archer routers could allow a potential attacker to remotely take over the device.

TP-Link Archer Routers vulnerability Researchers discovered a serious security vulnerability in TP-Link Archer routers.

Exploiting the vulnerability could allow a remote attacker to take complete control of the router.

Elaborating on the bug, Grzegorz Wypych, from IBM X-Force Red team, said that the firmware bug affected both home and business routers.

To exploit the bug, an attacker merely had to send an HTTP request including a character string longer than the allowed number.

As a result, the user password would become void. As stated in their blog post,

At first, we tried to send a shorter string, with only a few bytes.

This short string went through and corrupted the password file.

The result is that the user would not be able to log in, and nor would the attacker… Next, we tried sending through a password longer than the allowed number of characters.

This time, the password was voided altogether, and the value was now empty.

Consequently, the researchers could gain access to FTP and TELNET with only the username ‘admin’ without any password.

This way, an attacker could not only take over the router but would also lock out the legitimate user from using the device.

Patches Rolled Out Following the report, TP-Link acknowledged the vulnerability with CVE number CVE-2019-7405.

The bug primarily affected router models Archer C5 V4, Archer MR200v4, Archer MR6400v4, and Archer MR400v3.

TP-Link has issued patches for the firmware. Users of vulnerable routers must ensure installing the latest updates to ensure they are protected.

Recently, researchers also discovered a critical command execution bug in D-Link routers, which the vendors refused to patch. Let us know your thoughts in the comments.

Sponsored Ads:

Comments:


Over 200 malicious apps on Google Play downloaded millions of times

Category: Google|Oct 15, 2024 | Author: Admin

Google warns uBlock Origin and other extensions may be disabled soon

Category: IT|Oct 14, 2024 | Author: Admin

Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server

Category: Microsoft|Oct 13, 2024 | Author: Admin

Microsoft fixes Word bug that deleted documents when saving

Category: Microsoft|Oct 12, 2024 | Author: Admin

Microsoft Outlook bug blocks email logins, causes app crashes

Category: IT|Oct 11, 2024 | Author: Admin

The Internet archive is down - and your user information may have been stolen

Category: IT|Oct 10, 2024 | Author: Admin

Discord blocked in Russia and Turkey for spreading illegal content

Category: IT|Oct 9, 2024 | Author: Admin

Google ordered to open up the Play Store in Epic Games antitrust ruling

Category: Google|Oct 8, 2024 | Author: Admin

Recently patched CUPS flaw can be used to amplify DDoS attacks

Category: IT|Oct 7, 2024 | Author: Admin

Google removes Kaspersky's antivirus software from Play Store

Category: Google|Oct 6, 2024 | Author: Admin

UK nuclear site Sellafield fined $440,000 for cybersecurity shortfalls

Category: IT|Oct 5, 2024 | Author: Admin

Cloudflare blocks largest recorded DDoS attack peaking at 3.8Tbps

Category: IT|Oct 4, 2024 | Author: Admin

Microsoft blocks Windows 11 24H2 on some Intel PCs over BSOD issues

Category: Microsoft|Oct 3, 2024 | Author: Admin

Microsoft Office 2024 now available for Windows and macOS users

Category: Microsoft|Oct 2, 2024 | Author: Admin

HPE Aruba Networking fixes critical flaws impacting Access Points

Category: IT|Oct 1, 2024 | Author: Admin
more