Attacker Value
Unknown
(1 user assessed)
Exploitability
Very High
(1 user assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

TP-Link Wi-Fi extender User-Agent Header Injection CVE-2019-7406

Last updated February 13, 2020
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

A pre-authentication command injection vulnerability in TP-Link Wi-Fi extenders allows commands to be executed as root. The injection occurs when the User-Agent header of a request is passed to an execve system call.

TP-Link RE365 Wi-Fi extender with firmware version 1.0.2, build 20180213 Rel. 56309 was originally discovered to be vulnerable. TP-Link found that other models were affected: RE650, RE350 and RE500.

Add Assessment

1
Ratings
  • Exploitability
    Very High
Technical Analysis

From the write-up by Grzegorz Wypych the vulnerability seems easy to exploit since the header is passed to an execve system call.

General Information

Additional Info

Technical Analysis