RE365 Remote Code Execution Vulnerability

Security Advisory
Ενημερομένα09-29-2019 09:43:52 AM 13251

We at TP-Link have been made aware of the remote code execution (RCE) vulnerability reported by Grzegorz Wypych, a researcher for IBM X-Force.

 

This vulnerability can allow arbitrary command execution via a malformed user agent field in HTTP headers, only if an attacker is connected to the local network.

 

TP-Link has released new firmware for the affected models to eliminate this vulnerability. The updates can be downloaded directly from the official TP-Link websites:

 

RE350: https://www.tp-link.com/support/download/re350/#Firmware

RE365: https://www.tp-link.com/support/download/re365/#Firmware

RE500: https://www.tp-link.com/support/download/re500/#Firmware

RE650: https://www.tp-link.com/support/download/re650/#Firmware

 

If there is still any confusion regarding this vulnerability, please contact TP-Link through the support page on the official website at https://www.tp-link.com/support/.

ΕγγραφήΗ TP-Link λαμβάνει σοβαρά υπόψη το απόρρητό σας. Για περισσότερες λεπτομέρειες σχετικά με τις πρακτικές απορρήτου της TP-Link, ανατρέξτε στην ενότητα Πολιτική απορρήτου του TP-Link.

Από United States?

Λάβετε προϊόντα, εκδηλώσεις και υπηρεσίες για την περιοχή σας.