TP-Link TL-WR940N Router Vulnerability Allows Remote Code Execution
/ 1 min read
🛠️ Critical vulnerability discovered in TP-Link TL-WR940N routers poses remote code execution risk. Security researcher Joward has identified a buffer overflow vulnerability, tracked as CVE-2024-54887, in the IPv6 DNS server configuration of TP-Link TL-WR940N routers, specifically affecting hardware versions 3 and 4. The flaw allows attackers to execute arbitrary code or launch denial-of-service attacks due to improper validation of input parameters. Joward’s Proof of Concept (PoC) exploit utilizes Return Oriented Programming (ROP) techniques to demonstrate the vulnerability, which is exacerbated by the lack of modern security mitigations like NX and PIE protections. TP-Link has confirmed that these affected models are no longer supported with security updates, urging users to upgrade to newer devices for protection.
