A recently discovered Cross-site Scripting (XSS) vulnerability, CVE-2024-57514, affecting the TP-Link Archer A20 v3 Router has raised security concerns among users.
The flaw, identified in firmware version 1.0.6 Build 20231011 rel.85717(5553), allows attackers to execute arbitrary JavaScript code through the router’s web interface, potentially leading to malicious exploitation.
Discovery of the Vulnerability
The vulnerability stems from improper input validation of directory listing paths in the router’s web interface.
By crafting a malicious URL, an attacker can trigger the execution of embedded JavaScript code in the browser of any user who visits the page.
This allows the injection of malicious scripts, which could be leveraged for phishing attacks, session hijacking, or other malicious activities.
The issue lies in the router’s handling of directory listings, which fails to sanitize user input. For example, a payload like the one below demonstrates how JavaScript can be executed:
http://192.168.0.1/
When this URL is accessed, it triggers an alert box as a demonstration, but could be extended to execute more harmful scripts depending on the attacker’s intentions.
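The root cause described above, shown as an added example that is not TP-Link firmware code or the researchers' PoC: a directory-listing renderer that reflects the request path unescaped, beside a version that encodes it for each output context. The function names, the probe string, and the sample request are constructed for illustration.

```python
import html
from urllib.parse import quote, unquote

# Constructed, inert probe: markup that should never reach the page unescaped.
PROBE = "<i>probe</i>"
# Constructed request path carrying the percent-encoded probe.
SAMPLE_REQUEST = "/%3Ci%3Eprobe%3C%2Fi%3E/"

def render_listing_unsafe(request_path, entries):
    """Before: decoded path and names are concatenated straight into HTML."""
    path = unquote(request_path)
    rows = "".join(f'<li><a href="{path}{n}">{n}</a></li>' for n in entries)
    return f"<title>Index of {path}</title><h1>Index of {path}</h1><ul>{rows}</ul>"

def render_listing_safe(request_path, entries):
    """After: every untrusted value is encoded for the context it lands in."""
    path = unquote(request_path)
    text_path = html.escape(path, quote=True)  # HTML text context
    rows = []
    for name in entries:
        # URL-encode the link target first, then escape it for the attribute.
        href = html.escape(quote(path + name), quote=True)
        rows.append(f'<li><a href="{href}">{html.escape(name)}</a></li>')
    return (f"<title>Index of {text_path}</title>"
            f"<h1>Index of {text_path}</h1><ul>{''.join(rows)}</ul>")

def reflects_raw(page, probe=PROBE):
    """True if the probe survived into the response as live markup."""
    return probe in page

if __name__ == "__main__":
    for render in (render_listing_unsafe, render_listing_safe):
        page = render(SAMPLE_REQUEST, ["config.bin"])
        print(render.__name__, "reflects raw markup:", reflects_raw(page))
```

The same `reflects_raw` check works as a regression test against any listing page: send an inert probe in the path and fail the build if it comes back unencoded.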
Analysis and Proof of Concept (PoC)
The vulnerability allows JavaScript execution on the / path and in sub-directories. However, it does not expose cookies scoped to the /cgi-bin/luci path because of the cookie’s path attribute, which restricts access to that specific directory.
While this limitation prevents direct cookie theft, attackers could still exploit the XSS vulnerability to perform other malicious actions, including phishing or browser-based exploitation.
A video proof-of-concept (PoC) showcasing this vulnerability has been shared by security researchers, highlighting its potential impact on unprotected users.
According to the Zyenra report, TP-Link has confirmed the vulnerability but stated that the Archer A20 v3 router has reached its End of Life (EOL) and will not receive any further updates or patches.
Citing the limited scope and severity as evaluated by their security teams, TP-Link has decided against addressing the issue in this model.
The company reassured users that they are actively reviewing other models to ensure their security, advising customers to upgrade to newer, supported devices for continued protection.
While the vulnerability’s direct impact is mitigated by certain restrictions, users of the TP-Link Archer A20 v3 router are advised to exercise caution.
Upgrading to a supported router model is highly recommended, as discontinued devices no longer receive critical security updates, leaving them exposed to potential threats.
Cybersecurity professionals also caution users to avoid visiting untrusted links or URLs to minimize exposure to such vulnerabilities.