Talos is disclosing in the TP-Link TL-R600VPN router. TP-Link produces a number of different types of small and home office (SOHO) routers. Talos discovered several bugs in this particular router that could lead to code execution.

There are two root causes of the vulnerabilities: a lack of input sanitisation and parsing errors. The lack of proper input sanitisation leads the vulnerabilities TALOS-2018-0617/18, which can be exploited without authentication. Parsing errors are responsible for the vulnerabilities TALOS-2018-0619/20. However, these can only be exploited with an authenticated session. The remote code execution is done under the context of HTTPD However, since the HTTPD process is running under root, an attacker can run code with elevated privileges.

All vulnerabilities were found on HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3, except for TALOS 2018-0620, which was found only on HWv3 FRNv1.3.0.



Source link


Please enter your comment!
Please enter your name here