Home

Dec 21, 2019

Buffer Overflow Exploit Discovered That Overwrites Admin Password of TP-Link Archer Routers


A serious security bug affected numerous TP-Link routers. The vulnerability in TP-Link Archer routers could allow a potential attacker to remotely take over the device.

TP-Link Archer Routers vulnerability Researchers discovered a serious security vulnerability in TP-Link Archer routers.

Exploiting the vulnerability could allow a remote attacker to take complete control of the router.

Elaborating on the bug, Grzegorz Wypych, from IBM X-Force Red team, said that the firmware bug affected both home and business routers.

To exploit the bug, an attacker merely had to send an HTTP request including a character string longer than the allowed number.

As a result, the user password would become void. As stated in their blog post,

At first, we tried to send a shorter string, with only a few bytes.

This short string went through and corrupted the password file.

The result is that the user would not be able to log in, and nor would the attacker… Next, we tried sending through a password longer than the allowed number of characters.

This time, the password was voided altogether, and the value was now empty.

Consequently, the researchers could gain access to FTP and TELNET with only the username ‘admin’ without any password.

This way, an attacker could not only take over the router but would also lock out the legitimate user from using the device.

Patches Rolled Out Following the report, TP-Link acknowledged the vulnerability with CVE number CVE-2019-7405.

The bug primarily affected router models Archer C5 V4, Archer MR200v4, Archer MR6400v4, and Archer MR400v3.

TP-Link has issued patches for the firmware. Users of vulnerable routers must ensure installing the latest updates to ensure they are protected.

Recently, researchers also discovered a critical command execution bug in D-Link routers, which the vendors refused to patch. Let us know your thoughts in the comments.

Category: General
Posted by: Admin
authorarticle: Master3395
TP_link_router_scaled.jpg
video: 
youtube: 
sources: 
keywords: December 18, 2019 Abeerah Hashim 459 Views 0 Comments firmware, Firmware vulnerability, flaw, infected router, Injection, remote attacks, remote code, remote code execution, Router, router vulnerability, routers, TP Link router vulnerability, TP Link rout

Comments:

comments powered by Disqus

Return
Discord

Page 1 of 506  >  >>

Microsoft with Skype crisis response: removes login requirements, copies Zoom

skype.webp

Apr 4, 2020 | Category: Microsoft | Comments

Do as Zoom with link sharing and no Microsoft account requirements.

During the corona crisis, Microsoft has finally found that it must be easy to start meetings and stay in touch.

read more…

OnePlus 8 gets top marks

oneplus8.webp

Apr 3, 2020 | Category: General | Comments

And that's before it's launched.

On April 14 at 17:00, OnePlus 8 will be unveiled.

read more…

Tekya Malware Targets 1 Million Android Users Through Malicious Apps On Play Store

android.jpg

Apr 2, 2020 | Category: Google | Comments

While Google employs some tough policies for app developers to keep the Play Store safe, yet it never remains so. Once again, criminal hackers managed to ditch Google’s policies and flood the Play Store with malicious Android apps.

This time, they target users with Tekya malware distributed via numerous apps with almost 1 million downloads.

read more…

Page 1 of 506  >  >>