CVE-2022-41540
- Reference to the description:
- Description:
- The web app client of TP-Link AX10v1 V1_211117 uses hard-coded cryptographic keys when communicating with the router. Attackers who are able to intercept the communications between the web client and router through a man-in-the-middle attack can then obtain the sequence key via a brute-force attack, and access sensitive information.
- Last updated date:
- 10/20/2022
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 05/27/2022
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 10/20/2022
- Reference url to background
https://github.com/efchatz/easy-exploits/tree/main/Web/TP-Link/Offline-decryption