Multiple TP-Link Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2024-46340 CVSS:8.8

TP-Link TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to transmit user credentials in plaintext after executing a factory reset.

CVE-2024-46341 CVSS:8

TP-Link TL-WR845N(UN)_V4_190219 was discovered to transmit credentials in base64 encoded form, which can be easily decoded by an attacker executing a man-in-the-middle attack.

CVE-2024-50699 CVSS:8

TP-Link TL-WR845N(UN)_V4_201214, TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 were discovered to contain weak default credentials for the Administrator account.

Impact

Gain Access

Indicators of Compromise

CVE

CVE-2024-46340
CVE-2024-46341
CVE-2024-50699

Affected Vendors

TP-Link

Affected Products

TL-WR845N(UN)_V4_200909
TL-WR845N(UN)_V4_190219
TL-WR845N(UN)_V4_201214

Remediation

Refer to TP-Link Security Advisory for patch, upgrade, or suggested workaround information.

CVE-2024-46340

CVE-2024-46341

CVE-2024-50699

The Mask APT Returns with Advanced Multi-Platform Malware Toolkit

Vidar Malware – Active IOCs

Multiple TP-Link Products Vulnerabilities

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan