CVE-2020-24363 – TP-Link TL-WA855RE V5_200415 - Device Reset Auth Bypass
https://notcve.org/view.php?id=CVE-2020-24363
TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password. Los dispositivos TP-Link TL-WA855RE versión V5 20200415-rel37464, permiten a un atacante no autenticado (en la misma red) enviar una petición POST TDDP_RESET para un restablecimiento de fábrica y reinicio. El atacante puede entonces obtener un control de acceso incorrecto al establecer una nueva contraseña administrativa • https://www.exploit-db.com/exploits/49092 http://malwrforensics.com/en/2020/08/31/cve-2020-24363-tl-wa855re-v5-advisory https://pastebin.com/VjHM4UiA https://www.tp-link.com/us/support/download/tl-wa855re/#Firmware • CWE-306: Missing Authentication for Critical Function •
CVE-2020-10916 – TP-Link TL-WA855RE login.json Improper Authentication Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-10916
This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Firmware Ver: 855rev4-up-ver1-0-1-P1[20191213-rel60361] Wi-Fi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the first-time setup process. The issue results from the lack of proper validation on first-time setup requests. An attacker can leverage this vulnerability to reset the password for the Admin account and execute code in the context of the device. • https://www.zerodayinitiative.com/advisories/ZDI-20-553 • CWE-287: Improper Authentication •