A security researcher has discovered a critical zero-day vulnerability in multiple TP-Link Wi-Fi extender models.
The flaw was discovered by security researcher Grzegorz Wypych from IBM X-Force and could allow remote code execution on vulnerable devices.
The RCE flaw could allow arbitrary command execution via a malformed user agent field in HTTP headers.
According to the researcher if exploited a remote attacker could gain complete control over the device and command it with the same privileges of the device’s legitimate user.
Here the attacker doesnt require to login or authentication to the Wi-Fi extender to gain access and privilege escalation is not needed since all processes on these devices already run with root-level access.
The extender operates on the MIPS architecture and the flaw could be triggered by sending a modified HTTP request.
The HTTP request allows any shell command to be executed on the targeted RE365 Wi-Fi extender.
The affected models are TP-Link RE365 Wi-Fi extender models RE365,RE650, RE350 and RE500 with firmware version 1.0.2, build 20180213.
TP-Link has released security patches addressing the flaw and all users are advised to update their devices immediately.
You may be interested in reading: New GandCrab Ransomware Campaign Targets MySQL Servers on Windows