Geeks for your information News Privacy & Security News v
Multiple Remote TP-Link TL-R600VPN Router Vulnerabilities Patched
Multiple Remote TP-Link TL-R600VPN Router Vulnerabilities Patched
silversurfer Offline
Staff Member
******
Posts: 3,885
Threads: 3,283
Thanks Received: 5,064 in 3,838 posts
Thanks Given: 6,200
Joined: 12 September 18
#1
19 November 18, 20:07
Quote:TP-Link TL-R600VPN routers with HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3 were found to contain multiple remotely exploitable remote code execution (RCE), denial-of-service (DoS), and information disclosure security issues as disclosed by Cisco Talos' Jared Rittle.

Luckily, the remote code execution vulnerabilities discovered in the TP-Link TL-R600VPN 'SafeStream Gigabit Broadband VPN Router' require the remote attackers to be authenticated which decreases the seriousness of these security issues.

However, according to the Cisco Talos researcher, the exploit code "could be executed with root privileges" because the arbitrary code execution is performed under the security privileges of the HTTPD process which is always running as root.

Source: https://news.softpedia.com/news/multiple...3857.shtml
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Find
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:

[-]
Recent Posts
Sysinternals Suite 3.26.2026
What's New (March ...harlan4096 — 11:40
AxCrypt 3.0.0.83
AxCrypt 3.0.0.83: ...harlan4096 — 11:39
Microsoft Edge 146.0.3856.84
Version 146.0.3856...harlan4096 — 11:37
PowerToys 0.98.1
Release v0.98.1 ...harlan4096 — 11:37
Opera 129.0.5823.28
Hello! A new Op...harlan4096 — 11:36

[-]
Birthdays
Today's Birthdays
avatar (46)qaqapeti
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>