Re: Misfortune Cookie Vulnerability
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Re: Misfortune Cookie Vulnerability
Region : Argentina
Model : TL-WR1043ND
Hardware Version : V2
Firmware Version :
ISP :
Hello, this post is regarding the query previously raised in this closed thread:
http://forum.tp-link.com/showthread.php?78603-Misfortune-Cookie-vulnerability-reported-for-TP-Link-wireless-routers
TP-link was asked to clarify which models are vulnerable.
Unfortunately, the response is terribly inaccurate, misleading, and plain false (" we confirm it cannot actually attack our modem router"), and seems to originate from a wrong understanding of the response author.
I have personally verified the vulnerability affects several TP-link devices from the published list, over the WAN, available right now on the public IPv4.
The vulnerability leads to complete remote takeover (browsing and controlling the admin interface logged in as admin), and has nothing to do with the rom-0 vulnerability.
Please correct this.
Model : TL-WR1043ND
Hardware Version : V2
Firmware Version :
ISP :
Hello, this post is regarding the query previously raised in this closed thread:
http://forum.tp-link.com/showthread.php?78603-Misfortune-Cookie-vulnerability-reported-for-TP-Link-wireless-routers
TP-link was asked to clarify which models are vulnerable.
Unfortunately, the response is terribly inaccurate, misleading, and plain false (" we confirm it cannot actually attack our modem router"), and seems to originate from a wrong understanding of the response author.
I have personally verified the vulnerability affects several TP-link devices from the published list, over the WAN, available right now on the public IPv4.
The vulnerability leads to complete remote takeover (browsing and controlling the admin interface logged in as admin), and has nothing to do with the rom-0 vulnerability.
Please correct this.