Multiple vulnerabilities in TP-Link WiFi extenders allow you to hack a WiFi network

Cybersecurity specialists have reported finding two critical vulnerabilities in the TL-WPA4220 WiFi signal extender, developed by TP-Link. According to the report, failures allow the execution of arbitrary commands and the deployment of denial-of-service attacks.

Below are brief descriptions of reported failures, in addition to their respective identification keys and scores according to the Common Vulnerability Scoring System (CVSS).

CVE-2020-24297: Incorrect input validations would allow remote threat actors to send a specially designed POST request to the endpoint/admin/powerline and execute arbitrary commands on the target operating system.

This is an average security flaw that received a score of 7.7/10 on the CVSS scale and its successful operation could result in the full commitment of the vulnerable system.

CVE-2020-28005: This failure exists due to a limit error in http that would allow remote threat actors to send specially designed POST requests to the /admin/syslog endpoint, triggering a stack-based buffer overflow and generating a denial of service (DoS) condition.

The vulnerability received a CVSS score of 5.7/10 and its successful exploitation could have serious consequences on compromised systems.

These flaws can be exploited by unauthenticated remote threat actors by sending specially designed requests to affected devices, however, specialists have not yet detected active exploit attempts or the existence of a malware variant associated with this attack.

Updates are now available for all TL-WPA4220 versions prior to v4_201023, so users of affected installations are advised to update as soon as possible.