Rewterz Threat Advisory – CVE-2022-29402 – TP-Link TL-WR840N EU Vulnerability

Severity

Medium

Analysis Summary

CVE-2022-29402

TP-Link TL-WR840N EU could allow a local attacker to execute arbitrary commands on the system, caused by insecure protections for its UART console. By connecting to the UART port, an attacker could exploit this vulnerability to execute arbitrary commands as the root user without authentication.

Impact

• Command Execution

Indicators Of Compromise

CVE

• CVE-2022-29402

Affected Vendors

• TP-Link

Affected Products

• TP-Link TL-WR840N 6.20

Remediation

Refer to TP-Link TL-WR840N for patch, upgrade, or suggested workaround information.

TP-Link Website