Skip to content
main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
easy-exploits/Web/TP-Link/Offline-decryption/
easy-exploits/Web/TP-Link/Offline-decryption/

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 

Vulnerabitily type

Use of Hard-coded cryptographic keys (CVE-2022-41540)

Vendor

TP-Link

Product

AX10v1 V1_211117

Affected component

The web app client uses static cryptographic keys to communicate with the router.

Attack vector

An attacker with a Man-in-the-middle position can capture the relevant traffic between the client and the web app. Then, they can visit the web app login page to gain access to the same cryptographic keys the victim used to communicate with the web app. All keys have the same value, but the sequence key. The latter is a 9-digit key that can be easily brute-forced. So, by using an offline brute force attack an attacker can gain access to encrypted and sensitive information, by decrypting it.

Patch

V1_220401

PoC

replay-offline-tp-link_vFQcNDCv.mp4