Misfortune Cookie vulnerability reported for TP-Link wireless routers

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Misfortune Cookie vulnerability reported for TP-Link wireless routers

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Misfortune Cookie vulnerability reported for TP-Link wireless routers
Misfortune Cookie vulnerability reported for TP-Link wireless routers
2014-12-27 18:16:21
Region : UnitedStates

Model : TL-WR841N

Hardware Version :

Firmware Version :

ISP :


Can TP-Link clarify which, if any, models are vulnerable to the serious consequences of the "Misfortune Cookie" exploit, and if firmware updates have been released for those products?

This report claims many WiFi routers, including TP-Link products, currently have a vulnerability to the "Misfortune Cookie" easy but severe exploit.
http://mis.fortunecook.ie/

The vulnerability is actually with the RomPager embedded webserver from AllegroSoft, even tho apparently this was found and corrected long ago by AllegroSoft, but the report claims some devices are still shipped with vulnerable software; but hopefully there is already firmware patches available for these reportedly vulnerable devices from TP-Link:
TD811 TD821 TD841 TD854W TD-8616 TD-8811 TD-8816 TD-8816 1.0 TD-8816 2.0 TD-8816B TD-8817 TD-8817 1.0 TD-8817 2.0 TD-8817B TD-8820 TD-8820 1.0 TD-8840T TD-8840T 2.0 TD-8840TB TD-W8101G TD-W8151N TD-W8901G TD-W8901G 3.0 TD-W8901GB TD-W8901N TD-W8951NB TD-W8951ND TD-W8961N TD-W8961NB TD-W8961ND

Clarification is needed from TP-Link about this very serious vulnerability with regard to ALL products, whether shipping currently or not....please.
  0      
  0      
#1
Options
1 Reply
Re:Misfortune Cookie vulnerability reported for TP-Link wireless routers
2014-12-29 14:28:57
We have learned about the issue published by checkpoint a few days before, but we confirm it cannot actually attack our modem router (latest hardware & firmware versions for all models).
Let’s have a further explanation, attackers make up cookies which includes our modem router’s internal actions, and send it to LAN IP of the modem router, then the router will respond to the cookie. For example, attacker makes up a cookie which includes “rom-0”, and send it to our modem with LAN IP address 192.168.1.1, then the router receives it and respond “rom-0 not found”.
It in fact equals to access the router via http://192.168.1.1/rom-0 (or other URL), but all our modem routers with security mechanism firmware has already banned this way to access the router or control the router. It will returns a error “not found” to the attacker. So attackers could do nothing to your internal network. All our modem routers for sale now have security mechanism firmware to keep it away from being attacked. Please don’t worry about this issue if your modem router is already using the latest hardware and firmware on our global website. In the near future, we will also release new firmware, and don’t respond to the cookie any more, ease the issue from the root.
If your modem router is not using latest hardware, however, please refer to this FAQ to do some settings, it will also make your modem router more safe.
http://www.tp-link.com/en/article/?faqid=573
  0  
  0  
#2
Options