Rewterz Threat Advisory – Multiple Trend Micro Apex One Zero Day Vulnerabilities
November 22, 2022Rewterz Threat Alert – APT27 Emissary Panda Aka LuckyMouse – Active IOCs
November 22, 2022Rewterz Threat Advisory – Multiple Trend Micro Apex One Zero Day Vulnerabilities
November 22, 2022Rewterz Threat Alert – APT27 Emissary Panda Aka LuckyMouse – Active IOCs
November 22, 2022Severity
High
Analysis Summary
CVE-2022-43635 CVSS:6.5
The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the incorrect implementation of the authentication algorithm. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise.
CVE-2022-43636 CVSS:7.5
The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of sufficient randomness in the sequnce numbers used for session managment. An attacker can leverage this vulnerability to bypass authentication on the system.
Impact
- Information Disclosure
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2022-43635
- CVE-2022-43636
Affected Vendors
TP-Link
Affected Products
- TL-WR940N
Remediation
Please refer to the TP-Link Support to find the hardware version on a TP-Link device