CVE-2024-57050

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 18, 2025

Updated: Feb 19, 2025

CWE ID 287

Summary

CVE-2024-57050 is a vulnerability affecting TP-Link WR840N v6 routers with firmware version 0.9.1 4.16 and earlier. This issue enables unauthorized access by permitting bypass of authentication for certain interfaces within the /cgi directory. By adding a Referer header with the value "http://tplinkwifi.net" to their requests, attackers can deceitfully bypass the authentication process. This vulnerability poses a significant risk to network security and requires immediate attention from users to update their firmware.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2T1fLT
https://www.cve.org/CVERecord?id=CVE-2024-57050
https://nvd.nist.gov/vuln/detail/CVE-2024-57050

Back to Vulnerability Database

CVE-2024-57050

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations