Published:2021/01/22  Last Updated:2021/01/22

JVNVU#92444096
TP-Link TL-WR841N V13 (JP) vulnerable to OS command injection

Overview

TP-Link TL-WR841N V13 (JP) is vulnerable to OS command injection.

Products Affected

  • TL-WR841N V13 (JP) with firmware versions prior to 201216

Description

​TP-Link TL-WR841N is a wifi router for home networks.
The firmware version 161028 for hardware version V13 (JP) is reported vulnerable to OS command injection (CWE-78).

According to the vendor, the firmware for hardware version V14(JP) is not affected.

Impact

Any user who can login to the web interface of the product may execute any OS commands.

Solution

Update the Firmware
Update to the latest version of the firmware according to the information provided by the developer.

The developer has released the firmware version 201216 to fix this vulnerability.

Vendor Status

Vendor Link
TP-LINK Download TL-WR841N V13
How to find the hardware and firmware version of my TP-Link device?

References

  1. Isopach's blog
    TP-Link TL-WR841N Command Injection Exploit (CVE-2020-35576)

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

CVSS v3 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score: 7.2
Attack Vector(AV) Physical (P) Local (L) Adjacent (A) Network (N)
Attack Complexity(AC) High (H) Low (L)
Privileges Required(PR) High (H) Low (L) None (N)
User Interaction(UI) Required (R) None (N)
Scope(S) Unchanged (U) Changed (C)
Confidentiality Impact(C) None (N) Low (L) High (H)
Integrity Impact(I) None (N) Low (L) High (H)
Availability Impact(A) None (N) Low (L) High (H)
CVSS v2 AV:N/AC:M/Au:S/C:C/I:C/A:C
Base Score: 8.5
Access Vector(AV) Local (L) Adjacent Network (A) Network (N)
Access Complexity(AC) High (H) Medium (M) Low (L)
Authentication(Au) Multiple (M) Single (S) None (N)
Confidentiality Impact(C) None (N) Partial (P) Complete (C)
Integrity Impact(I) None (N) Partial (P) Complete (C)
Availability Impact(A) None (N) Partial (P) Complete (C)

Credit

Koh You Liang of 3-shake Inc. reported this vulnerability to the developer and JPCERT/CC.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2020-35576
JVN iPedia