View on GitHub

IoPT App

We are here to improve the SoHo security a bit!

Get it on Google Play

If exploited, this remote code execution (RCE) vulnerability can allow arbitrary command execution via a malformed user agent field in HTTP headers. This means that a remote attacker could get complete control over the device. The vulnerability can be exploited by a remote attacker without requiring login / authentication to the Wi-Fi extender. Moreover, privilege escalation would not be needed here since all processes on these devices already run with root-level access.


The TP-Link security team confirmed that there are 4 products affected by this issue:

No other models have been confirmed as affected.

TP-LINK has fixed the flaw and provided firmware updates for each of the vulnerable devices. Users are advised to implement them.