Summary: A security researcher has discovered a critical vulnerability (CVE-2024-54887) in the TP-Link TL-WR940N router, affecting hardware versions 3 and 4. This vulnerability allows for arbitrary remote code execution through stack buffer overflow exploitation, posing significant risks to users. The research involved advanced techniques such as static and dynamic analysis, leading to the development of a viable exploit.
Threat Actor: Unknown | unknown
Victim: TP-Link | TP-Link
Keypoints :
- Vulnerability identified in TP-Link TL-WR940N router, affecting hardware versions 3 and 4.
- Exploitation method involves stack buffer overflow due to unbounded calls to strcpy() in DNS settings.
- Exploit development utilized ROP techniques, successfully executing a bind shell on the compromised device.
Source: https://gbhackers.com/poc-exploit-released-for-tp-link-code-execution-vulnerability/