TP-Link Router Remote Code Execution Vulnerability

Last Update Date: 17 Dec 2019 10:43 Release Date: 17 Dec 2019 6609 Views

RISK: Extremely High Risk

TYPE: Operating Systems - Networks OS

TYPE: Networks OS

A vulnerability was identified in TP-Link router, a remote authenticated attacker could exploit some of this vulnerability to trigger elevation of privilege, denial of service, remote code execution and security restriction bypass on the targeted system.

Note: Proof Of Concept Exploit Code Is Publicly Available

Impact

Denial of Service
Elevation of Privilege
Remote Code Execution
Security Restriction Bypass

System / Technologies affected

TP-Link Archer C5 v4 routers

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Archer C5 V4:
https://static.tp-link.com/2019/201909/20190917/Archer_C5v4190815.rar

For detail, please refer to the links below:

https://securityintelligence.com/posts/tp-link-archer-router-vulnerability-voids-admin-password-can-allow-remote-takeover/

Vulnerability Identifier

CVE-2017-7405

Source

SecurityWizardry

Related Link

Share with

WordPress Multiple Vulnerabilities

16 Dec 2019 5303 Views

Google Chrome Remote Code Execution Vulnerability

19 Dec 2019 5757 Views