The Mask APT Returns with Advanced Multi-Platform Malware Toolkit
December 17, 2024Vidar Malware – Active IOCs
December 18, 2024The Mask APT Returns with Advanced Multi-Platform Malware Toolkit
December 17, 2024Vidar Malware – Active IOCs
December 18, 2024Severity
High
Analysis Summary
CVE-2024-46340 CVSS:8.8
TP-Link TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to transmit user credentials in plaintext after executing a factory reset.
CVE-2024-46341 CVSS:8
TP-Link TL-WR845N(UN)_V4_190219 was discovered to transmit credentials in base64 encoded form, which can be easily decoded by an attacker executing a man-in-the-middle attack.
CVE-2024-50699 CVSS:8
TP-Link TL-WR845N(UN)_V4_201214, TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 were discovered to contain weak default credentials for the Administrator account.
Impact
- Gain Access
Indicators of Compromise
CVE
- CVE-2024-46340
- CVE-2024-46341
- CVE-2024-50699
Affected Vendors
Affected Products
- TL-WR845N(UN)_V4_200909
- TL-WR845N(UN)_V4_190219
- TL-WR845N(UN)_V4_201214
Remediation
Refer to TP-Link Security Advisory for patch, upgrade, or suggested workaround information.