Backdoor in TP-Link devices

Posted: March 15, 2013 in Vulnerabilities, Vulnerability News
Tags: , , , ,

Backdoor in TP-Link devices

Backdoor in TP-Link devices

Vulnerability: Backdoor in TP-Link devices

Danger level: Avarage
Patch: None
Number of vulnerabilities: 1

Vector of operation: Local Network
Impact: System Compromise

Be exploited: PoC code
Affected products:  TL-WR743ND, TL-DR4300.

Affected versions:  TL-WDR4300, TL-WR743ND (v1.2 v2.0).

Description:

Which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to insufficient restrictions on access to administrative functionality in HTTP, FTP and TFTP services. A remote user can connect to the device and get full control over it.

Manufacturer URL: http://www.tp-link.com/

Solution: The way to remove the backdoor does not exist at present.

links:
http://sekurak.pl/tp-link-httptftp-backdoor/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s