ER-605 Router security vulnerabilities

ER-605 Router security vulnerabilities

ER-605 Router security vulnerabilities
ER-605 Router security vulnerabilities
3 weeks ago - last edited 2 weeks ago
Model: ER605 (TL-R605)  
Hardware Version: V1
Firmware Version: 1.3.1 Build 20231207 Rel.61384

The TP-Link Omada ER605 v1 router has recently come under scrutiny due to several critical security vulnerabilities, primarily affecting its VPN, DHCP, and DDNS configurations. These vulnerabilities expose network administrators to potential exploitation, underscoring the need for immediate firmware updates and secure configurations.

 

Key Vulnerabilities

 

1. CVE-2024-5227 - PPTP VPN Command Injection

This vulnerability allows attackers to execute arbitrary commands remotely if the router is configured with a PPTP VPN and LDAP authentication. This flaw stems from inadequate input validation in the VPN configuration’s username parameter, making it possible for attackers to inject commands that are executed with root-level privileges. Notably, this vulnerability does not require prior authentication, significantly increasing the risk level  .

2. CVE-2024-1179 - DHCPv6 Buffer Overflow

A buffer overflow in the DHCPv6 client option handling permits network-adjacent attackers to execute remote code on the router. This flaw results from improper checks on data length before copying DHCP options to a fixed-length buffer, allowing attackers to overload the buffer and run malicious code. This vulnerability also allows root access and highlights the importance of stringent input validation practices .

3. CVE-2024-5228 - DDNS Heap Overflow in Comexe

Found within the Comexe DDNS service, this vulnerability enables attackers to exploit improperly managed DNS responses, leading to a heap-based buffer overflow. This issue arises due to insufficient validation on the length of data from DNS responses, which attackers can exploit to gain root control over the device. Notably, the vulnerability only affects devices configured with the Comexe DDNS service, but it poses a high-risk entry point if enabled. 
 

Are there any plan from Omada Tp-link to solves those security vulnerabilities?

  0      
  0      
#1
Options
1 Accepted Solution
Re:ER-605 Router security vulnerabilities -Solution
2 weeks ago - last edited 2 weeks ago

Hi @home12233453452 

Thanks for posting in our business forum.

Three have been fixed on the V1.3.1 release.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  1  
  1  
#2
Options
1 Reply
Re:ER-605 Router security vulnerabilities -Solution
2 weeks ago - last edited 2 weeks ago

Hi @home12233453452 

Thanks for posting in our business forum.

Three have been fixed on the V1.3.1 release.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  1  
  1  
#2
Options