TP-Link TL-WR845N devices with firmware TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was discovered to contain a hardcoded password for the root account which can be obtained by analyzing downloaded firmware or via a brute force attack through physical access to the router. NOTE: The supplier has stated that this issue was fixed in firmware versions 250401 or later.
In firmware TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219, there is a statically hardcoded password for the root account (CWE-798). An attacker can obtain it in two ways: by analyzing a publicly available firmware file or through a brute force attack with physical access to the router. Since the password is the same across all devices with these software versions, its disclosure in one place compromises all devices using these firmware versions.
An attacker gains full control of the device with root account privileges, which allows modification of configuration, eavesdropping on network traffic, and using the router as an entry point to the local network.
Update the firmware to version 250401 or later, as indicated by the manufacturer. Until the update is applied, it is recommended to restrict physical access to the device and isolate the router from untrusted network segments.
TP-Link TL-WR845N with firmware TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HTp Link Tl Wr845n
HWTp-Link4.0Tp Link Tl Wr845n Firmware
OSTp-Link190219200909201214
Related vulnerabilities
TP-Link TL-WR845N — przesyłanie danych uwierzytelniających w postaci jawnego tekstu
TP-Link TL-WR845N(UN)_V4_190219 was discovered to transmit credentials in base64 encoded form, which can be ea...
TP-Link TL-WR845N(UN)_V4_201214, TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 were discovered to contai...
The response coming from TP-Link Archer MR200 v5.2, C20 v5 and v6, TL-WR850N v3, and TL-WR845N v4 for any requ...
Zdalne wykonanie poleceń OS bez uwierzytelnienia w routerach TP-Link Omada