WiFi Extender bugs allow hackers to see what you see on phone and TV remotely

Cybersecurity specialists reported the finding of three serious vulnerabilities in Tenda’s PA6 Powerline, a solution to extend the range of a WiFi signal. According to the report, the successful exploitation of these flaws would allow threat actors, denial of service (DoS) attacks, among other scenarios.

Below are brief overviews of reported vulnerabilities, in addition to their respective scores and identification keys according to the Common Vulnerability Scoring System (CVSS).

CVE-2019-19506: Insufficient validation of user-supplied input in the “homeplugd” process would allow threat actors to deploy denial of service (DoS) attacks on affected systems by sending specially designed requests.

This flaw received a CVSS score of 6.9/10, so it is considered a medium severity vulnerability. While these flaws can be exploited remotely by unauthenticated hackers, so far no cases of active exploitation or a malware variant related to this attack have been reported. The flaw lies in PA6 Wi-Fi Powerline v1.0.1.21.

CVE-2019-19505: The second reported flaw exists due to a limit error in the “Wireless” section on the device’s web interface, which could allow threat actors to execute remote code on the target system by sending a specially crafted hostname and generating a buffer overflow.

Successful exploitation of this failure would lead to the total commitment of the affected system.

The vulnerability is in PA6 Wi-Fi Version and received a score of 9/10, so it is considered a critical flaw. This flaw can also be exploited remotely by unauthenticated hackers; no cases of exploitation have been reported in real-world scenarios. Researchers have also not detected any malware variants related to this attack.

CVE-2019-16213: Incorrect input validation allows remote threat actors to execute arbitrary commands on the target system. Threat actors would only have to send a specially designed string, modifying the name of the PLC adapter device.

As in previous cases, this flaw can be exploited by unauthenticated remote threat actors, although there are no reports of active exploitation cases or about the existence of any malware variant associated with this attack.

This medium severity flaw received a score of 8/10 and affects Powerline version

The company has not released security updates to fix these flaws and no workarounds are known, so users of affected devices are advised to verify their configuration.