CVE-2013-2645

Name of the Vulnerable Software and Affected Versions TP-LINK WR1043N router with firmware TL-WR1043ND V1 120405

Description The issue allows remote attackers to hijack the authentication of administrators for various requests. This includes enabling FTP access to /tmp via the shareEntire parameter to "userRpm/NasFtpCfgRpm.htm", changing the FTP administrative password via the nas admin pwd parameter to "userRpm/NasUserAdvRpm.htm", enabling FTP on the WAN interface via the internetA parameter to "userRpm/NasFtpCfgRpm.htm", launching the FTP service via the startFtp parameter to "userRpm/NasFtpCfgRpm.htm", or enabling or disabling bandwidth limits via the QoSCtrl parameter to "userRpm/QoSCfgRpm.htm".

Recommendations As a temporary workaround, consider disabling the FTP service and bandwidth limit features until a patch is available. Restrict access to the "userRpm/NasFtpCfgRpm.htm" and "userRpm/NasUserAdvRpm.htm" pages to minimize the risk of exploitation. Avoid using the shareEntire, nas admin pwd, internetA, startFtp, and QoSCtrl parameters in the affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.