Sensitive Information Leakage vulnerability still exists after upgrade of TP-LINK router 2015 in TL-WR842N

Sensitive Information Leakage vulnerability still exists after upgrade of TP-LINK router 2015 in TL-WR842N

Pulian Technology Co., Ltd. is a network equipment R & D and manufacturing company with nearly 20 years of history. Its products are mainly household and office desktop devices and are widely used. This is a wireless device with superior performance.
WooYun-2015-110062 (wooyun-2015-110062 affected suspected version 2.2.2 BUILD 140819 REL.60025n this vulnerability Affected Version Software Version: 2.3.4 Build 141118 Rel.74025n) vulnerability exposure, the TP-LINK quickly against the previous vulnerability repair and upgrade, however, there is still a slight vulnerability-a configuration information leakage vulnerability.
In order to better solve the problem, this report also submits the awesome CNVD exception information number CNVD-C-2015-25845, which is particularly described here.
This is a good home router. Happy weekend to all engineers.

Vulnerability details:



Attack path: Remote Network

Attack complexity: low

Authentication: no authentication is required

Confidentiality: completely

Integrity: no impact

Availability: no impact











TP-LINK TL-WR842N is a powerful Security Factor of Home Router, test equipment for two, are the same type of the same batch of unseal the latest products.

Software Version: 2.3.4 Build 141118 Rel.74025n

Suspected version number affected by the WooYun-2015-110062
 

1. The following test uses a browser to send a request without logon.



1. Attackers can use attack loads in the LAN direction. 1. Attackers can remotely execute commands and download configuration information.



2. In the master network of the WLAN Network, you can use payload 1 to remotely execute commands and download configuration information.



3. In the WAN network direction, the attacker is suspected to be able to execute two attack loads. The attack is successful but not yet executed.



4. The effective attack load cannot be carried out in the guest network of the WLAN Network.

Due to the existence of the third and fourth cases, the vulnerability is rated as medium-risk Rank5! (I entered 20 here to apologize for the review)





Ii. Effective attack Load

See test code area.





III. The following are the results of the two tests
 

 

Iv. device interface and packaging appearance
 

 

 

 

Solution:

Update firmware