A recently discovered Cross-site Scripting (XSS) vulnerability, CVE-2024-57514, affecting the TP-Link Archer A20 v3 router has raised security concerns among users.
The flaw, identified in firmware version 1.0.6 Build 20231011 rel.85717(5553), allows attackers to execute arbitrary JavaScript code through the router’s web interface, potentially leading to malicious exploitation.
Discovery of the Vulnerability
The vulnerability stems from improper input validation of directory listing paths in the router’s web interface.
By crafting a malicious URL, an attacker can trigger the execution of embedded JavaScript code in the browser of any user who visits the page.
This allows the injection of malicious scripts, which could be leveraged for phishing attacks, session hijacking, or other malicious activities.
The issue lies in the router’s handling of directory listings, which fails to sanitize user input. For example, a payload like the one below demonstrates how JavaScript can be executed:
http://192.168.0.1/
When this URL is accessed, it triggers an alert box as a demonstration, but it could be extended to execute more harmful scripts depending on the attacker’s intentions.
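The flaw class described above, as an added example (not code from the router firmware or from the Zyenra report): a hypothetical directory-listing renderer that reflects the request path unescaped, next to a hardened version that escapes it for the HTML context. All function names and the sample path are constructed for illustration.

```javascript
// Added illustration: hypothetical directory-listing renderer, not TP-Link firmware code.
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Escape the five characters that can break out of HTML text or a quoted attribute.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Percent-decode the request path once; malformed encoding yields null.
function decodePath(rawPath) {
  try {
    return decodeURIComponent(rawPath);
  } catch (err) {
    return null;
  }
}

// Flawed pattern: the decoded path is concatenated into the page unchanged,
// so any markup in the URL becomes part of the document.
function renderListingUnsafe(rawPath, entries) {
  const path = decodePath(rawPath) ?? "/";
  const items = entries.map((e) => `<li><a href="${e}">${e}</a></li>`).join("");
  return `<h1>Index of ${path}</h1><ul>${items}</ul>`;
}

// Hardened pattern: reject malformed paths, HTML-escape text, and
// percent-encode file names before placing them in href attributes.
function renderListingSafe(rawPath, entries) {
  const path = decodePath(rawPath);
  if (path === null) return "<h1>400 Bad Request</h1>";
  const items = entries
    .map((e) => `<li><a href="${escapeHtml(encodeURIComponent(e))}">${escapeHtml(e)}</a></li>`)
    .join("");
  return `<h1>Index of ${escapeHtml(path)}</h1><ul>${items}</ul>`;
}

// Constructed sample input: a request path carrying markup, and two file names.
const SAMPLE_PATH = "/%3Cscript%3Ealert(1)%3C%2Fscript%3E/";
const SAMPLE_ENTRIES = ["config.bin", 'a"b<c>.txt'];

console.log(renderListingUnsafe(SAMPLE_PATH, SAMPLE_ENTRIES));
console.log(renderListingSafe(SAMPLE_PATH, SAMPLE_ENTRIES));
```

File names need the same treatment as the path, since a listing echoes both into the page.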
Analysis and Proof of Concept (PoC)
The vulnerability allows JavaScript execution on the / path and in sub-directories. However, it does not expose cookies scoped to the /cgi-bin/luci path because of the cookie’s path attribute, which restricts access to that specific directory.
While this limitation prevents direct cookie theft, attackers could still exploit the XSS vulnerability to perform other malicious actions, including phishing or browser-based exploitation.
A video proof-of-concept (PoC) showcasing this vulnerability has been shared by security researchers, highlighting its potential impact on unprotected users.
According to the Zyenra report, TP-Link has confirmed the vulnerability but stated that the Archer A20 v3 router has reached its End of Life (EOL) and will not receive any further updates or patches.
Citing the limited scope and severity as evaluated by their security teams, TP-Link has decided against addressing the issue in this model.
The company reassured users that they are actively reviewing other models to ensure their security, advising customers to upgrade to newer, supported devices for continued protection.
While the vulnerability’s direct impact is mitigated by certain restrictions, users of the TP-Link Archer A20 v3 router are advised to exercise caution.
Upgrading to a supported router model is highly recommended, as discontinued devices no longer receive critical security updates, leaving them exposed to potential threats.
Cybersecurity professionals also caution users to avoid visiting untrusted links or URLs to minimize exposure to such vulnerabilities.