TP-Link Router update quickly: Serious security flaw discovered
Security researchers have uncovered a serious vulnerability in TP-Link routers. Affected should quickly install the latest Patches.
For Router from the manufacturer TP-Link, a new Zero-Day vulnerability has been discovered. This allows attackers to gain via Telnet on the LAN-level full control over the Router. It was discovered the vulnerability, the security researcher Grzegorz Wypych from the security services IBM X-Force Red.
The Exploit of the security vulnerability CVE-2019-7405 is initiated with a Password-Overflow attack, in which an excessively long string via HTTP Request is sent. As a result, the Admin is emptied at the affected TP-Link routers password and an empty value is replaced. In the Wake of the attacker full Admin can gain access to the device.
WPS, remote access and co.