The Mask APT Returns with Advanced Multi-Platform Malware Toolkit

December 17, 2024

Vidar Malware – Active IOCs

December 18, 2024

Multiple TP-Link Products Vulnerabilities

December 17, 2024

Severity

High

Analysis Summary

CVE-2024-46340 CVSS:8.8

TP-Link TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to transmit user credentials in plaintext after executing a factory reset.

CVE-2024-46341 CVSS:8

TP-Link TL-WR845N(UN)_V4_190219 was discovered to transmit credentials in base64 encoded form, which can be easily decoded by an attacker executing a man-in-the-middle attack.

CVE-2024-50699 CVSS:8

TP-Link TL-WR845N(UN)_V4_201214, TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 were discovered to contain weak default credentials for the Administrator account.

Impact

Gain Access

Indicators of Compromise

CVE

CVE-2024-46340
CVE-2024-46341
CVE-2024-50699

Affected Vendors

TP-Link

Affected Products

TL-WR845N(UN)_V4_200909
TL-WR845N(UN)_V4_190219
TL-WR845N(UN)_V4_201214

Remediation

Refer to TP-Link Security Advisory for patch, upgrade, or suggested workaround information.

CVE-2024-46340

CVE-2024-46341

CVE-2024-50699

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Local Privilege Escalation to Root via Sudo chroot in Linux

CoinMiner Malware – Active IOCs

Google Warns of Active Exploits Targeting Chrome V8 Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us