Original Issue Date: February 07, 2022
Severity Rating: HIGH
Software Affected
TP-Link TL- WR841N V11 3.16.9 Build 160325 Rel.62500n
Overview
A vulnerability has been reported in TP-Link TL-WR841N wireless router which could allow an attacker on local network to access web-based management interface of the affected device with administrative privileges.
Description
The vulnerability exists in TP-Link TL-WR841N wireless router due to transmission of authentication information in cleartext base64 format. Successful exploitation of this vulnerability could allow a remote attacker to intercept credentials and subsequently perform administrative operations on the affected device through web-based management interface.
Credit: This vulnerability is found by ParulSindhwad, Anurag M. Chevendra, Dr. FarukKazi from COE-CNDS Lab, VJTI Mumbai, India.
Solution
Update TPLink WR841N firmware