US Cybersecurity Agency Flags Wi-Fi Range Extender Vulnerability Under Active Attack
securityweek

Flaw allows attackers to reset and hijack TP-Link TL-WA855RE devices; CISA urges users to retire discontinued extenders.


The US cybersecurity agency CISA issued a fresh warning that a missing authentication vulnerability in TP-Link TL-WA855RE Wi-Fi range extender products has been exploited in attacks.
Tracked as CVE-2020-24363 (CVSS score of 8.8), the flaw is described as a missing authentication for a critical function issue that allows an attacker on the same network to send unauthenticated requests for a factory reset and reboot.
“The attacker can then obtain incorrect access control by setting a new administrative password,” a NIST advisory reads.
In August 2020, malwrforensics warned that, although the device’s web interface requires authentication to access administrative controls, unauthenticated attackers can send TDDP_RESET POST requests and circumvent the mechanism.
“However, an attacker can bypass it and use the APIs provided to send the TDDP_RESET code which doesn’t have any ...
Copyright of this story solely belongs to securityweek.