Complete News World

TP-Link WLAN access points can be attacked for 15 minutes after a reboot

TP-Link WLAN access points can be attacked for 15 minutes after a reboot

Attackers can attack WLAN access points of TP-Link AC1350 Wireless and N300 Wireless N Ceiling Mount and, among other things, reset them to factory settings.


Security researchers from Cisco Talos warn about this in an article. Three vulnerabilities (CVE-2023-49074)high“,CVE-2023-49134”high“,CVE-2023-49133”high“) is present in the TP-Link Hardware Debugging Protocol (TDDP).

Attackers should be able to do this without authentication. By sending crafted packets, DoS attacks as well as malicious code attacks are possible. In the course of a successful DoS attack, attackers can reset the device to a factory state.

According to the researchers, such attacks are only possible within 15 minutes of reboot, as the vulnerable TDDP is only active during this period.

Special HTTP requests introduce eight additional vulnerabilities, which result in memory errors. This can allow malicious code to gain access to devices.

Security researchers state that firmware versions that protect against the described attacks have already been released. But they don't give exact version numbers. Anyone with a vulnerable WLAN access point should make sure the device is updated. There is currently no information about ongoing attacks.

Cisco Talos has compiled more detailed facts about the vulnerabilities in several articles:


To the home page