TP-Link TL-WR840N - Command Injection
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
25 days 13 hours
Scan only one
Domain, Subdomain, IPv4
Toolbox
-
The TP-Link TL-WR840N(ES)_V6.20_180709 router contains a command injection vulnerability in the oal_setIp6DefaultRoute component. This vulnerability allows authenticated attackers to execute arbitrary system commands, leading to complete device compromise.
References:
- https://github.com/exploitwritter/CVE-2022-25061/blob/main/CVE-2022-25061.py
- https://east-trowel-102.notion.site/CVE-2021-XXXX-Injection-of-commands-through-object-oal_setIp6DefaultRoute-EN-ddf9c1db199d49829269147ada6cb312
- https://nvd.nist.gov/vuln/detail/CVE-2022-25061
- http://router.com
- http://tp-link.com
Remediation:
Update firmware to the latest version if available. If no firmware update is available,consider implementing network segmentation to limit access to the router's management interface.