This vulnerability exists in the TP-Link Archer C50 due to presence of terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the UART shell on the vulnerable device. Successful exploitation of this vulnerability could allow the attacker to obtain Wi-Fi credentials of the targeted system.
Metrics
Affected Vendors & Products
References
History
Thu, 05 Dec 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 05 Dec 2024 12:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | This vulnerability exists in the TP-Link Archer C50 due to presence of terminal access on a serial interface without proper access control. An attacker with physical access could exploit this by accessing the UART shell on the vulnerable device. Successful exploitation of this vulnerability could allow the attacker to obtain Wi-Fi credentials of the targeted system. | |
Title | Exposure of Wi-Fi Credentials in Plaintext in TP-Link Archer C50 | |
Weaknesses | CWE-312 | |
References |
| |
Metrics |
cvssV4_0
|
MITRE
Status: PUBLISHED
Assigner: CERT-In
Published: 2024-12-05T12:19:24.519Z
Updated: 2024-12-05T15:55:53.552Z
Reserved: 2024-11-29T11:09:33.863Z
Link: CVE-2024-54127
Vulnrichment
Updated: 2024-12-05T15:55:49.053Z
NVD
Status : Received
Published: 2024-12-05T13:15:09.440
Modified: 2024-12-05T13:15:09.440
Link: CVE-2024-54127
Redhat
No data.