www.belgium.be Logo of the federal government

Critical Flaw Exposes TP-Link Wi-Fi Extenders to Remote Attacks

Reference: 
Advisory #2019-017
Version: 
1.0
Affected software: 
TP-Link Wi-Fi extenders RE365(EU)_V1_190528
TP-Link Wi-Fi extenders RE650(EU)_V1_190521
TP-Link Wi-Fi extenders RE350(EU)_V1_190516
TP-Link Wi-Fi extenders RE500 (EU)_V1_190521
Type: 
Remote Code Execution
CVE/CVSS: 

CVE-2019-7406

Date: 
20/06/2019

Sources

https://www.securityweek.com/critical-flaw-exposes-tp-link-wi-fi-extenders-remote-attacks

Risks

An unauthenticated attacker can exploit the vulnerability by triggering a malformed http request allowing the attacker to execute arbitrary shell commands on the target Wi-Fi extender with root privileges. 

Description

IBM researchers discovered a serious zero-day vulnerability, impacting TP-Link Wi-Fi Extenders. The vulnerability (CVE-2019-7406) could lead to remote code execution attacks and affects TP-Link Wi-Fi Extender models RE365, RE650, RE350 and RE500 running firmware version 1.0.2, build 20180213. 

 

TP-Link has released a firmware update to fix this vulnerability and has released a separate update for each affected model’s Wi-Fi extender

Recommended Actions

CERT.be recommends systems administrators to patch vulnerable devices after thorough testing.