Rewterz

Rewterz Threat Advisory – Multiple Trend Micro Apex One Zero Day Vulnerabilities

November 22, 2022
Rewterz

Rewterz Threat Alert – APT27 Emissary Panda Aka LuckyMouse – Active IOCs

November 22, 2022

Rewterz Threat Advisory – TP-Link TL-WR940N httpd Zero Day Vulnerabilities

Severity

High

Analysis Summary

CVE-2022-43635 CVSS:6.5

The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the incorrect implementation of the authentication algorithm. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise.

CVE-2022-43636 CVSS:7.5

The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of sufficient randomness in the sequnce numbers used for session managment. An attacker can leverage this vulnerability to bypass authentication on the system.

Impact

  • Information Disclosure
  • Security Bypass

Indicators Of Compromise

CVE

  • CVE-2022-43635
  • CVE-2022-43636

Affected Vendors

TP-Link

Affected Products

  • TL-WR940N

Remediation

Please refer to the TP-Link Support to find the hardware version on a TP-Link device

TP-Link Support

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.