Attackers can attack WLAN access points of TP-Link AC1350 Wireless and N300 Wireless N Ceiling Mount and, among other things, reset them to factory settings.
Attacks
advertisement
Security researchers from Cisco Talos warn about this in an article. Three vulnerabilities (CVE-2023-49074)high“,CVE-2023-49134”high“,CVE-2023-49133”high“) is present in the TP-Link Hardware Debugging Protocol (TDDP).
Attackers should be able to do this without authentication. By sending crafted packets, DoS attacks as well as malicious code attacks are possible. In the course of a successful DoS attack, attackers can reset the device to a factory state.
According to the researchers, such attacks are only possible within 15 minutes of reboot, as the vulnerable TDDP is only active during this period.
Special HTTP requests introduce eight additional vulnerabilities, which result in memory errors. This can allow malicious code to gain access to devices.
Security updates
Security researchers state that firmware versions that protect against the described attacks have already been released. But they don't give exact version numbers. Anyone with a vulnerable WLAN access point should make sure the device is updated. There is currently no information about ongoing attacks.
Cisco Talos has compiled more detailed facts about the vulnerabilities in several articles:
(to)
“Subtly charming coffee scholar. General zombie junkie. Introvert. Alcohol nerd. Travel lover. Twitter specialist. Freelance student.”
More Stories
A new GPU model with the AD103 chip has been spotted
MyTaag announces €500,000 funding
Resident Evil 9: Release may have been delayed internally, insiders say