TP-Link TL-WR850N V3 Cleartext Credential Storage Vulnerability via Serial Interface
Vulnerability
A vulnerability in the TP-Link TL-WR850N V3 router allows for the cleartext storage of administrative and Wi-Fi credentials in a portion of the device's flash memory. This issue arises while the serial interface is enabled and secured by weak authentication. An attacker with physical access and the ability to connect to the serial port can retrieve sensitive information, including the router's management password and wireless network key. Exploitation of this vulnerability could result in full administrative control of the device and unauthorized access to the associated wireless network.
Impact
Exploitation of this vulnerability could lead to full administrative control of the device and unauthorized access to the associated wireless network.
Remediation
Users are advised to download and update to the latest firmware version. The latest firmware for TL-WR850N V3 can be downloaded from the TP-Link India support page.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.