CVE-2021-41653 – TP-Link / TL-WR840N EU v5 – RCE
CVE-2021-41653 is a remote code execution (RCE) vulnerability impacting TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211. An exploit was observed in open source, a link to an exploit was shared in the underground and a walk through demo of an exploit was shared via YouTube. Additionally, security researchers claimed the vulnerability was exploited in the wild by the Dark Mirai botnet.
Summary:
CVE-2021-41653 is a remote code execution (RCE) vulnerability impacting TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211. An exploit was observed in open source, a link to an exploit was shared in the underground and a walk through demo of an exploit was shared via YouTube. Additionally, security researchers claimed the vulnerability was exploited in the wild by the Dark Mirai botnet.
PoC Links(if available):
Kamillo Matek : TP-Link TL-WR840N EU v5 Remote Code Execution –
https://k4m1ll0.com/cve-2021-41653.html
Known Counter Measures:
TP-Link addressed the vulnerability in a security advisory with updated versions.
Links to patches(if available)
https://www.tp-link.com/in/press/security-advisory/