TP-Link TL-WR840N Cross Site Request Forgery

2015.01.09
Credit: Sean
Risk: Low
Local: No
Remote: Yes
CWE: CWE-352


CVSS Base Score: 6.8/10
Impact Subscore: 6.4/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: Not required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

Classification: //Dell SecureWorks/Confidential - Limited External Distribution:

############################################################################
# * Title: TP-Link TL-WR840N Configuration Import Cross-Site Request Forgery (CSRF)
# * Advisory ID: SWRX-2015-001
# * Advisory URL: http://www.secureworks.com/cyber-threat-intelligence/advisories/SWRX-2015-001/
# * Date published: Wednesday, January 7, 2015
# * CVE: CVE-2014-9510
# * CVSS v2 base score: 9.3
# * Date of last update: Wednesday, January 7, 2015
# * Vendors contacted: TP-Link
# * Release mode: Coordinated
# * Discovered by: Sean Wright, Dell SecureWorks
############################################################################

Summary:

TP-Link is a primary provider of networking equipment and wireless products for small and home offices as well as for small to midsized businesses. TL-WR840N is a combination wired/wireless router specifically targeted to small business and home office networking environments. The router's web administration console contains a cross-site request forgery (CSRF) vulnerability that allows threat actors to import their own configuration to the router. An attack could alter any configuration setting on the device.

----------------------------------------------------------------------------

Affected products:

This vulnerability affects TP-Link TL-WR840N v1 (firmware 3.13.27, build 140714 and prior).

----------------------------------------------------------------------------

Vendor information, solutions, and workarounds:

TL-WR840N users should upgrade the router's firmware to 3.13.27, build 141120 or later.

----------------------------------------------------------------------------

Details:

The TP-Link TL-WR840N router provides a web administration console that enables the device owner to change the router's configuration. The administration console includes an option to import an existing configuration from a binary file, but this feature is vulnerable to CSRF attacks. A threat actor could use social engineering to trick a victim into visiting a malicious web page that exploits the CSRF vulnerability and imports a malicious configuration file via the router's web administration console. The attacker could change any settings on the router, including the firewall settings and the router's remote administration capabilities. If the device owner has not changed the default username and password, then the attack would not require the victim to log into the router's web administration console.

----------------------------------------------------------------------------
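
Added illustration (not part of the SecureWorks advisory and not TP-Link's firmware code): a server-side gate for a configuration-import request that rejects forged submissions by requiring a same-origin Origin/Referer header and a per-session anti-CSRF token. The session store, function names, reason strings and sample addresses are assumptions made for this example; the advisory does not describe how the vendor fixed the issue.

```python
import hmac
import secrets
from urllib.parse import urlsplit

# Hypothetical in-memory session store: session id -> anti-CSRF token.
SESSIONS = {}

def new_session():
    """Create a session and the token the console embeds in its own forms."""
    sid = secrets.token_hex(16)
    SESSIONS[sid] = secrets.token_urlsafe(32)
    return sid, SESSIONS[sid]

def same_origin(headers):
    """True if Origin (or Referer as a fallback) names the host in Host."""
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False  # state-changing request with no provenance: reject
    host = headers.get("Host", "").lower()
    # "null" and other opaque origins parse to an empty netloc and fail here.
    return bool(host) and urlsplit(source).netloc.lower() == host

def check_import_request(method, headers, session_id, form_token):
    """Decide whether a configuration import may proceed: (allowed, reason)."""
    if method != "POST":
        return False, "method"
    expected = SESSIONS.get(session_id)
    if expected is None:
        return False, "no-session"
    if not same_origin(headers):
        return False, "cross-origin"
    # Constant-time comparison; a page on another origin cannot read the token.
    if not form_token or not hmac.compare_digest(
            form_token.encode(), expected.encode()):
        return False, "bad-token"
    return True, "ok"

# Constructed sample requests (addresses and host names are made up).
sid, token = new_session()
LEGIT = {"Host": "192.168.0.1", "Origin": "http://192.168.0.1"}
FORGED = {"Host": "192.168.0.1", "Origin": "http://attacker.example"}

if __name__ == "__main__":
    print(check_import_request("POST", LEGIT, sid, token))   # console's own form
    print(check_import_request("POST", FORGED, sid, ""))     # cross-site form post
    print(check_import_request("POST", LEGIT, sid, "guess")) # token missing/wrong
```

The browser attaches the victim's credentials to the forged request automatically, which is why the gate relies on values a cross-site page cannot supply rather than on authentication alone.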

