First published: Mon Jan 27 2020(Updated: )
TP-LINK TL-WR849N 0.9.1 4.16 devices do not require authentication to replace the firmware via a POST request to the cgi/softup URI.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Tp-link Tl-wr849n Firmware | =0.9.1_4.16 | |
TP-LINK TL-WR849N |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2019-19143.
The severity of CVE-2019-19143 is medium with a CVSS score of 6.1.
TP-LINK TL-WR849N 0.9.1 4.16 devices are affected by CVE-2019-19143.
CVE-2019-19143 allows an attacker to replace the firmware without authentication, potentially leading to unauthorized access or control of the device.
TP-LINK TL-WR849N 0.9.1 4.16 users should update their firmware to a version that addresses the authentication bypass vulnerability.