lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 26 Apr 2018 15:32:43 +0100
From: Andrew Mabbitt <>
Subject: [FD] [RCE] TP-Link Remote Code Execution CVE-2017-13772 v2 - >180,
 000 affected devices

Title: [CVE-2017-13772] TPLink TLWR740N Remote Code Execution
Blog URL:
Vendor: TP-Link
Date Published: 26/04/2018
CVE: CVE-2017-13772

** Vulnerability Summary

A remote code execution vulnerability was identified in TP-Link's
WR740N home WiFi router. Valid credentials are required for this
attack path. It is possible for an authenticated attacker to obtain a
remote shell with root privileges. This vulnerability of a clone of

CVE-2017-13772 reported by the Fidus team last year. There are
currently >180,000
affected devices searchable on Shodan.

** Vendor Response The vendor response has been lacking and a patch has
still not been released after 3 months. ** Report Timeline 25/1/18 –
Initial contact with description of issue, contact with
26/1/18 – Reply from TP-Link asking for more details, sent them the details
for CVE-2017-13772 (wr940n model).
1/2/18 – TP_Link inform us they are looking into the issue.
15/2/18 – Request from us for an update.
30/2/18 – Request from us for an update.
26/3/18 – Another request for an update, warning of public disclosure sent.
28/3/18 – Reply from, inform us they are releasing a
patch in the “recent days”.
29/3/18 – send us beta firmware to fix the issue.
29/3/18 – Sent a reply to to confirm the issue fixed.
9/4/18 – Request for an estimate for when the firmware goes live.
18/4/18 – Another request, another warning of public disclosure sent.
26/4/18 – No reply received, public disclosure of vulnerability. ** Credit
This vulnerability was discovered by Tim Carrington @__invictus_, part of
the Fidus Information Security research team. ** References
<> **
Disclaimer This advisory is licensed under a Creative Commons Attribution
Non-Commercial Share-Alike 3.0 License:

Sent through the Full Disclosure mailing list
Web Archives & RSS:

Powered by blists - more mailing lists