Home > Cyber News > CVE-2018-15702: TP-LINK TL-WR841N Router Vulnerability Found
CYBER NEWS

CVE-2018-15702: TP-LINK TL-WR841N Router Vulnerability Found

by   |  Last Update:  |  0 Comments  

A security researcher has discovered a critical TP-LINK TL-WR841N Router Vulnerability which affects all device owners. The bug is a collection of three issues that all can be exploited by hackers as presented in the demonstrated proof-of-concept code. At this moment TP-Link has still not released a patch to fix the problems.




CVE-2018-15702 : TP-LINK TL-WR841N Router Security Bug Still Not Addressed

One of the most popular vendors of home routers and network products TP-LINK has been found to offer a vulnerable product. A security researcher uncovered a vulnerability in one of their most popular offerings — the TL-WR841N which is often provided and advertised by Internet Service Providers (ISPs) and computer shops worldwide.

Related Story: All Wi-Fi Routers Found to Be Affected by Unfixable Vulnerability

During an analysis of its firmware and operations he uncovered several bugs which collectively lead to a critical vulnerability. They have received their own independent security advisories which are the following:

  • CVE-2018-11714 — This is an improper flaw in authentication which allows unauthenticated attackers to trigger CGI code in the administrative web page. This is done by spoofing the HTTP referrer request from the access pages or the direct IP address of the device.
  • CVE-2018-15702 — This is a cross-site request forgery (CSRF) attack to the router’s administrative panel. The reason for this is insufficient validation of the referrer field.
  • CVE-2018-15700 & CVE-2018-15701 — Two security vulnerabilities that allow the hackers to execute denial-of-service (DoS) attacks. IF this is done the web service can be crashed.

The CVE-2018-15702 is the most dangerous vulnerability affecting the TP-LINK TL-WR841N router as allows the hackers to cause remote attacks. The researcher has contacted TP-LINK reporting the problem however as the issue was not fixed in due time a public report has been made. This means that hackers can easily fingerprint the devices and use automated methods to exploit the devices.

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.

More Posts

Follow Me:
Twitter

Related posts:
  1. Router Security: 10 Simple Tips to Protect Yourself Routers are an important part of the communication network. This...
  2. Remove Malware from Your Router Effectively Cyber-criminals have always been evolving when it comes to attacking...
  3. Which Are the Most Secure Routers in 2017 *The data in this table may update every week because...
  4. Router Security Anyone? Users Widely Unaware of Router Security Risks Not enough users are acquainted with the risks associated with...
  5. Adobe Patches 112 Vulnerabilities in Latest Patch Package (CVE-2018-5007) Adobe has released the latest patch package that addresses a...
  6. Amazon Best-Selling TP-Link Router Shipped with Vulnerable Firmware A number of security flaws in the default firmware and...
  7. VPNFilter UNIX Trojan – How to Remove It and Protect Your Network This article has been created to explain what exactly is...
  8. Remove Jiton JavaScript Malware from Your Router Researchers at TrendMicro have managed to discover and research a...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree