TP-Link C5400X Router Critical Vulnerabilities

 

Critical vulnerabilities have been discovered in the C5400X gaming router that allow attackers to execute commands on the device.

The ability to execute arbitrary commands on routers can result in hijacking the routers, intercepting data, altering DNS settings, and potentially compromising internal networks.

The vulnerability in the TP-Link Archer C5400X, identified as CVE-2024-5035, has been assigned a CVSS v4 score of 10.0, indicating it is "critical." 

When the router is configured to run in 'rftest' mode, it opens and exposes several TCP ports to the network, such as 8888, 8889, and 8890. The service is affected by a command injection vulnerability that can be exploited to achieve remote code execution.

All devices running firmware versions through 1.1.1.6 are vulnerable.

While the security researcher reported his finding to TP-Link on February 16, 2024, TP-Link released the patch only on May 24, 2024.

Users are advised to download the firmware update from TP-Link’s official download portal:

https://www.tp-link.com/en/support/download/archer-c5400x/#Firmware
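
To confirm exposure on a router you administer, the following added example (not code from TP-Link or the researcher) checks whether a firmware version falls in the affected range and whether the TCP ports named above accept connections. It assumes the version is entered in dotted form as shown on the router's admin page; the host address and version in the sample call are constructed values.

```python
import re
import socket

# Values taken from the advisory text above.
RFTEST_PORTS = (8888, 8889, 8890)
LAST_VULNERABLE = (1, 1, 1, 6)


def parse_version(text):
    """Extract the first dotted numeric version (e.g. '1.1.1.6') from a string."""
    match = re.search(r"\d+(?:\.\d+)+", text)
    if not match:
        raise ValueError(f"no dotted version found in {text!r}")
    return tuple(int(part) for part in match.group().split("."))


def _pad(version, width):
    """Right-pad with zeros so '1.1.1' compares as 1.1.1.0."""
    return version + (0,) * (width - len(version))


def is_affected(version_text):
    """True if the firmware version is 1.1.1.6 or older."""
    version = parse_version(version_text)
    width = max(len(version), len(LAST_VULNERABLE))
    return _pad(version, width) <= _pad(LAST_VULNERABLE, width)


def open_ports(host, ports=RFTEST_PORTS, timeout=1.0):
    """Return the subset of ports that accept a TCP connection on host."""
    reachable = []
    for port in ports:
        try:
            with socket.create_connection((host, port), timeout=timeout):
                reachable.append(port)
        except OSError:
            pass  # closed, filtered, or host unreachable
    return reachable


def audit(host, version_text):
    """Summarise exposure for one router you administer."""
    return {"affected_version": is_affected(version_text),
            "rftest_ports_open": open_ports(host)}


if __name__ == "__main__":
    # 192.168.0.1 and the version string are constructed sample values.
    print(audit("192.168.0.1", "1.1.1.6"))
```

An affected version with none of the ports reachable still needs the firmware update; an open port on an updated device is worth investigating separately.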




