Buffer Overflow Exploit Discovered That Overwrites Admin Password of TP-Link Archer Routers
Share onA serious security bug affected numerous TP-Link routers. The vulnerability in TP-Link Archer routers could allow a potential attacker to remotely take over the device.
TP-Link Archer Routers vulnerability Researchers discovered a serious security vulnerability in TP-Link Archer routers.
Exploiting the vulnerability could allow a remote attacker to take complete control of the router.
Elaborating on the bug, Grzegorz Wypych, from IBM X-Force Red team, said that the firmware bug affected both home and business routers.
To exploit the bug, an attacker merely had to send an HTTP request including a character string longer than the allowed number.
As a result, the user password would become void. As stated in their blog post,
At first, we tried to send a shorter string, with only a few bytes.
This short string went through and corrupted the password file.
The result is that the user would not be able to log in, and nor would the attacker… Next, we tried sending through a password longer than the allowed number of characters.
This time, the password was voided altogether, and the value was now empty.
Consequently, the researchers could gain access to FTP and TELNET with only the username ‘admin’ without any password.
This way, an attacker could not only take over the router but would also lock out the legitimate user from using the device.
Patches Rolled Out Following the report, TP-Link acknowledged the vulnerability with CVE number CVE-2019-7405.
The bug primarily affected router models Archer C5 V4, Archer MR200v4, Archer MR6400v4, and Archer MR400v3.
TP-Link has issued patches for the firmware. Users of vulnerable routers must ensure installing the latest updates to ensure they are protected.
Recently, researchers also discovered a critical command execution bug in D-Link routers, which the vendors refused to patch. Let us know your thoughts in the comments.
Sponsored Ads:
Comments:
Microsoft blocks ActiveX by default in Microsoft 365, Office 2024
Category: Microsoft|Apr 24, 2025 | Author: Admin
Microsoft Exchange 2016 and 2019 reach end of support in six months
Category: Microsoft|Apr 23, 2025 | Author: Admin
Google adds Android auto-reboot to block forensic data extractions
Category: Google|Apr 22, 2025 | Author: Admin
Microsoft warns of CPU spikes when typing in classic Outlook
Category: Microsoft|Apr 21, 2025 | Author: Admin
Hertz confirms customer info, drivers' licenses stolen in data breach
Category: General|Apr 20, 2025 | Author: Admin
Cybersecurity firm buying hacker forum accounts to spy on cybercriminals
Category: IT|Apr 19, 2025 | Author: Admin
SSL/TLS certificate lifespans reduced to 47 days by 2029
Category: IT|Apr 18, 2025 | Author: Admin
New ResolverRAT malware targets pharma and healthcare orgs worldwide
Category: IT|Apr 17, 2025 | Author: Admin
Kidney dialysis firm DaVita hit by weekend ransomware attack
Category: General|Apr 16, 2025 | Author: Admin
Microsoft Exchange 2016 and 2019 reach end of support in six months
Category: Microsoft|Apr 15, 2025 | Author: Admin
Meta to resume AI training on content shared by Europeans
Category: IT|Apr 14, 2025 | Author: Admin
Leak confirms OpenAI's GPT 4.1 is coming before GPT 5.0
Category: IT|Apr 13, 2025 | Author: Admin
Tycoon2FA phishing kit targets Microsoft 365 with new tricks
Category: Microsoft|Apr 12, 2025 | Author: Admin
Google's AI video generator Veo 2 is rolling out on AI Studio
Category: Google|Apr 11, 2025 | Author: Admin