Wi-Fi

TP-Link Wi-Fi Extenders Remote Code Execution Vulnerability (CVE-2019-7406) Threat Alert

junho 24, 2019

Overview

Recently, a security expert from IBM X-Force discovered a remote code execution vulnerability (CVE-2019-7406) in multiple models of TP-Link Wi-Fi extenders. This vulnerability can be exploited by unauthenticated, remote attackers by sending a malformed HTTP request so as to execute arbitrary shell commands on a target Wi-Fi extender. The attack does not require escalation of privileges as all processes on the vulnerable devices already run with root privileges. (mais…)

Search

Inscreva-se no Blog da NSFOCUS