CVE-2019-7406: TP-Link Wi-Fi Extender Remote Code Execution Vulnerability Alert

Recently, security experts from IBM X-Force discovered a remote code execution vulnerability (CVE-2019-7406) in the TP-Link Wi-Fi Extender. The vulnerability could be exploited by an unauthenticated remote attacker by triggering a malformed HTTP request, allowing an attacker to execute arbitrary shell commands on the target Wi-Fi extender. The attack does not require a privilege escalation because all processes on the vulnerable device are running with root privileges. The TP-Link Wi-Fi expander models affected by this vulnerability are RE365, RE650, RE350, and RE500.

Affected models and versions

  • TP-Link Wi-Fi extenders RE365(EU)_V1_190528 Previous version
  • TP-Link Wi-Fi extenders RE650(EU)_V1_190521 Previous version
  • TP-Link Wi-Fi extenders RE350(EU)_V1_190516 Previous version
  • TP-Link Wi-Fi extenders RE500 (EU)_V1_190521 previous version

Unaffected models and versions

  • TP-Link Wi-Fi extenders RE365(EU)_V1_190528
  • TP-Link Wi-Fi extenders RE650(EU)_V1_190521
  • TP-Link Wi-Fi extenders RE350(EU)_V1_190516
  • TP-Link Wi-Fi extenders RE500(EU)_V1_190521

Solution

TP-Link has released a firmware update to fix this vulnerability and has released a separate update for each affected model’s Wi-Fi extender.

Firmware update link for each model:

Via: securityaffairs