CVE-2023-33538

CVSS 8.8 HIGH · EPSS 42.6% · KEV · CWE-77
In short

TP-Link routers have a vulnerability that allows attackers to inject malicious commands through the wireless network settings interface. An attacker can execute arbitrary commands on the router, potentially taking full control of it.

Technical detail

Command injection vulnerability in the /userRpm/WlanNetworkRpm component allows unauthenticated or low-privileged attackers to inject OS commands via improperly sanitized parameters. Successful exploitation enables arbitrary code execution with router privileges, leading to complete device compromise, network traffic interception, and lateral movement.

Summary generated and translated by AI from the official description.
TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 were discovered to contain a command injection vulnerability via the component /userRpm/WlanNetworkRpm.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a