Attackers can attack the WLAN access points of TP-Link AC1350 Wireless and N300 Wireless N Ceiling Mount and, among other things, reset them to factory settings.
The attacks
Advertisement
Security researchers from Cisco Talos warn about this in an article. Three vulnerabilities (CVE-2023-49074 “high“, CVE-2023-49134 “high“, CVE-2023-49133 “high“) are in the TP-Link Device Debug Protocol (TDDP).
Attackers should be able to do this without authentication. By sending prepared packages, DoS attacks as well as malicious code attacks are possible. In the course of a successful DoS attack, attackers can reset the device to its factory state.
According to the researchers, such attacks are only possible within 15 minutes of a restart, as the vulnerable TDDP is only active during this period.
Special HTTP requests trigger eight additional holes, resulting in memory errors. This can allow malicious code to get onto devices.
Security updates
The security researchers state that firmware versions that protect against the attacks described have already been released. But they don’t give exact version numbers. Anyone who has a WLAN access point that is under threat should make sure that the device is up to date. There is currently no information about ongoing attacks.
Cisco Talos has compiled more detailed facts about the gaps in several articles:
(of)