Return to forum

J3N1N · June 8, 2022 at 9:02 AM

CVE-2022-30075

Authenticated Remote Code Execution in Tp-Link Routers

Affected Devices

If your Tp-Link router has backup and restore functionality and firmware is older than june 2022, it is probably vulnerable

Tested With

Tp-Link Archer AX50, other tplink routers may use different format of backups and exploit needs to be modified

PoC

Using exploit for starting telnet daemon on the router
tplink

Timeline

15.03.2022 - Identified vulnerability
15.03.2022 - Contacted Tp-Link support
16.03.2022 - Recieved response from Tp-Link
02.05.2022 - Assigned CVE
27.05.2022 - Tp-Link released firmware with fixed vulnerability
07.06.2022 - Published technical details

Download Poc
Hidden Content
You must register or login to view this content.
LINK IS DEAD

arntUNcT · June 8, 2022 at 10:22 AM

awesome! tnx a lot for sharing

vegas7_javidan · June 8, 2022 at 5:36 PM

so good

Lolplz · August 9, 2022 at 6:11 PM

nicee

Smallzeus · August 9, 2022 at 11:25 PM

Thanx

Th3Gh0st · August 9, 2022 at 11:29 PM

Thanks

joesmist · August 10, 2022 at 8:46 AM

nice work!

TheUserProMax · August 10, 2022 at 9:58 AM

The TP-Link Update is apply to all devices automatic? or manual mode?

huhuto09 · August 10, 2022 at 10:03 AM

I will do something

forkilz_10 · August 12, 2022 at 8:48 PM

nice!