CVE-2021-41653 – TP-Link / TL-WR840N EU v5 – RCE

November 18, 2021

CVE-2021-41653 is a remote code execution (RCE) vulnerability impacting TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211. An exploit was observed in open source and a link to an exploit was shared in the underground. Additionally, a walk through demo of an exploit was shared via YouTube

Summary:

CVE-2021-41653 is a remote code execution (RCE) vulnerability impacting TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211. An exploit was observed in open source and a link to an exploit was shared in the underground. Additionally, a walk through demo of an exploit was shared via YouTube

PoC Links(if available):

Kamillo Matek : TP-Link TL-WR840N EU v5 Remote Code Execution –
https://k4m1ll0.com/cve-2021-41653.html

Known Counter Measures:

TP-Link addressed the vulnerability in a security advisory with updated versions.

Links to patches(if available)

https://www.tp-link.com/in/press/security-advisory/

You may have missed

image

[HUNTERS] – Ransomware Victim: Amourgis & Associates

November 11, 2024
image

[HUNTERS] – Ransomware Victim: Dietzgen Corporation

November 11, 2024
Cobalt Strike

Cobalt Strike Beacon Detected – 156[.]238[.]227[.]43:80

November 11, 2024
Cobalt Strike

Cobalt Strike Beacon Detected – 8[.]134[.]166[.]14:443

November 11, 2024
Cobalt Strike

Cobalt Strike Beacon Detected – 123[.]57[.]209[.]214:1234

November 11, 2024