Skip to Main ContentSkip to Footer
Advisory

TP-Link TL-WR840N Configuration Import Cross-Site Request Forgery (CSRF)

Dell SecureWorks Security Advisory SWRX-2015-001

January 7, 2015

Advisory Information

  • Title: TP-Link TL-WR840N Configuration Import Cross-Site Request Forgery (CSRF)
  • Advisory ID: SWRX-2015-001
  • Date published: Wednesday, January 7, 2015
  • CVE: CVE-2014-9510
  • CVSS v2 base score: 9.3
  • Date of last update: Wednesday, January 7, 2015
  • Vendors contacted: TP-Link
  • Release mode: Coordinated
  • Discovered by: Sean Wright, Dell SecureWorks

Summary

TP-Link is a primary provider of networking equipment and wireless products for small and home offices as well as for small to midsized businesses. TL-WR840N is a combination wired/wireless router specifically targeted to small business and home office networking environments. The router's web administration console contains a cross-site request forgery (CSRF) vulnerability that allows threat actors to import their own configuration to the router. An attack could alter any configuration setting on the device.

Download the PDF: SWRX-2015-001

PGP Signature

ABOUT THE AUTHOR
COUNTER THREAT UNIT RESEARCH TEAM
Secureworks Counter Threat Unit™ (CTU) researchers frequently serve as expert resources for the media, publish technical analyses for the security community, and speak about emerging threats at security conferences. Leveraging Secureworks’ advanced security technologies and a network of industry contacts, the CTU™ research team tracks threat actors and analyzes anomalous activity, uncovering new attack techniques and threats. This process enables CTU researchers to identify threats as they emerge and develop countermeasures that protect customers before damage can occur.
Back to more Threat Analyses and Advisories