TP-Link fixes overflow vulnerability in Archer router that gave attackers admin rights
TP-Link has fixed a vulnerability in its Archer routers that made it possible to change the configuration of the device. IBM researchers discovered the vulnerability and call it a “zero day,” but there is no evidence that it has been actively exploited.
The vulnerability is tracked as CVE-2017-7405. It was discovered by IBM security researchers and affects TP-Link’s Archer C5 routers running firmware version 16.0 0.9.1 v600c.0 Build 180124 Rel.28919n. According to the researchers, it is possible to access the router via Telnet and then exploit the vulnerability. Attackers can thus enter the network remotely and move through it. Attackers can also access FTP servers. With the vulnerability, attackers could gain admin rights on the router.
It is an overflow vulnerability. If an attacker entered a password of a certain length, the password field was replaced with an empty value that was always accepted. In addition, the only way to log in to the router was as admin with root rights, which immediately gave an attacker many possibilities in the system.
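The failure mode described above, as an added example that is not TP-Link's firmware code or IBM's analysis: a constructed C model in which over-length password input blanks the stored credential, shown beside a fail-closed version. `PW_MAX`, `struct account` and all function names are hypothetical, and treating an empty stored password as "no password set" is an assumption made to match the article's wording.

```c
#include <stddef.h>
#include <string.h>

#define PW_MAX 16                      /* constructed limit, not the router's real value */

struct account { char password[PW_MAX + 1]; };

/* Length of s, capped at PW_MAX + 1 so over-length input is never fully walked. */
static size_t bounded_len(const char *s) {
    size_t n = 0;
    while (n <= PW_MAX && s[n] != '\0') n++;
    return n;
}

/* Fail-open handling as the article describes it: an over-length value
 * blanks the stored password instead of being rejected. */
int store_password_weak(struct account *a, const char *pw) {
    if (bounded_len(pw) > PW_MAX) { a->password[0] = '\0'; return 0; }
    strcpy(a->password, pw);
    return 0;
}

/* Assumption: an empty stored password is treated as "no password set". */
int login_weak(const struct account *a, const char *attempt) {
    if (a->password[0] == '\0') return 1;
    return strcmp(a->password, attempt) == 0;
}

/* Fail-closed: reject empty or over-length input, keep the old credential. */
int store_password_safe(struct account *a, const char *pw) {
    size_t n = bounded_len(pw);
    if (n == 0 || n > PW_MAX) return -1;
    memcpy(a->password, pw, n + 1);
    return 0;
}

/* An empty stored credential never authenticates; the compare does not
 * stop at the first differing byte. */
int login_safe(const struct account *a, const char *attempt) {
    size_t n = bounded_len(a->password), m = bounded_len(attempt);
    unsigned char diff = 0;
    if (n == 0 || n > PW_MAX || m != n) return 0;
    for (size_t i = 0; i < n; i++)
        diff |= (unsigned char)(a->password[i] ^ attempt[i]);
    return diff == 0;
}
```

The two halves differ in what happens on bad input: the weak path reports success and leaves the account with an empty credential, while the hardened path returns an error and leaves the stored credential unchanged.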
IBM calls the vulnerability a zero day, but does not provide examples of where it has been actively exploited. TP-Link has now released a patch that fixes the vulnerability.