A security researcher has discovered a critical TP-LINK TL-WR841N Router Vulnerability which affects all device owners. The bug is a collection of three issues that all can be exploited by hackers as presented in the demonstrated proof-of-concept code. At this moment TP-Link has still not released a patch to fix the problems.
CVE-2018-15702 : TP-LINK TL-WR841N Router Security Bug Still Not Addressed
One of the most popular vendors of home routers and network products TP-LINK has been found to offer a vulnerable product. A security researcher uncovered a vulnerability in one of their most popular offerings — the TL-WR841N which is often provided and advertised by Internet Service Providers (ISPs) and computer shops worldwide.
During an analysis of its firmware and operations he uncovered several bugs which collectively lead to a critical vulnerability. They have received their own independent security advisories which are the following:
- CVE-2018-11714 — This is an improper flaw in authentication which allows unauthenticated attackers to trigger CGI code in the administrative web page. This is done by spoofing the HTTP referrer request from the access pages or the direct IP address of the device.
- CVE-2018-15702 — This is a cross-site request forgery (CSRF) attack to the router’s administrative panel. The reason for this is insufficient validation of the referrer field.
- CVE-2018-15700 & CVE-2018-15701 — Two security vulnerabilities that allow the hackers to execute denial-of-service (DoS) attacks. IF this is done the web service can be crashed.
The CVE-2018-15702 is the most dangerous vulnerability affecting the TP-LINK TL-WR841N router as allows the hackers to cause remote attacks. The researcher has contacted TP-LINK reporting the problem however as the issue was not fixed in due time a public report has been made. This means that hackers can easily fingerprint the devices and use automated methods to exploit the devices.