Vulnerability Note VU#581311
TP-Link EAP Controller lacks RMI authentication and is vulnerable to deserialization attacks
The TP-LINK EAP Controller is TP-LINK's software for remotely managing wireless access point devices. EAP Controller for Linux lacks user authentication for RMI service commands and ships an outdated, vulnerable version of Apache commons-collections, which may allow an attacker to carry out deserialization attacks and take control of the EAP Controller server.
CWE-306: Missing Authentication for Critical Function - CVE-2018-5393
A Java application or library with the Apache Commons Collections library in its classpath may be coerced into executing arbitrary Java functions or bytecode when it deserializes untrusted data.
There is currently no available update to EAP Controller that fully addresses the vulnerability. However, affected users may take the following actions to reduce risk. As described in VU#576313, updating the vulnerable libraries does not necessarily eliminate the vulnerability in all scenarios.
- Update Apache commons-collections to a version not affected by CVE-2015-6420.
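The description above names an outdated commons-collections jar as one half of the problem, and the workaround is to update it. The script below is an added example, not part of VU#581311 or of TP-Link's software: it walks a directory tree (for instance the controller's lib folder), finds commons-collections jars, reads the version from the jar manifest (falling back to the file name), and flags any release older than the upstream fix. The fixed versions it compares against (3.2.2 for commons-collections, 4.1 for commons-collections4) are the releases that disabled the unsafe InvokerTransformer deserialization; they are background facts, not stated in the note. The sample jars it creates are constructed for the demonstration.

```python
"""Flag Apache commons-collections jars still carrying the CVE-2015-6420 gadget chain.

Added example, not from VU#581311 or TP-Link. Assumption: a jar is considered
fixed at commons-collections 3.2.2 / commons-collections4 4.1 or later.
"""
import os
import re
import tempfile
import zipfile

# Earliest release of each artifact without the unsafe deserialization gadget.
FIXED = {"commons-collections": (3, 2, 2), "commons-collections4": (4, 1)}
JAR_RE = re.compile(r"^(commons-collections4?)-(\d+(?:\.\d+)*)\.jar$")


def parse_version(text):
    """'3.2.1' -> (3, 2, 1); a suffix such as '-SNAPSHOT' is ignored."""
    m = re.match(r"\d+(?:\.\d+)*", text.strip())
    return tuple(int(p) for p in m.group(0).split(".")) if m else ()


def manifest_version(jar_path):
    """Return Implementation-Version from META-INF/MANIFEST.MF, or None if absent."""
    try:
        with zipfile.ZipFile(jar_path) as zf:
            manifest = zf.read("META-INF/MANIFEST.MF").decode("utf-8", "replace")
    except (KeyError, zipfile.BadZipFile):
        return None
    for line in manifest.splitlines():
        if line.lower().startswith("implementation-version:"):
            return line.split(":", 1)[1].strip()
    return None


def is_vulnerable(artifact, version):
    """True when `version` (a tuple) predates the fixed release for `artifact`."""
    return version < FIXED[artifact]


def scan(root):
    """Walk `root`; return sorted (path, artifact, version, vulnerable) tuples."""
    findings = []
    for dirpath, _, files in os.walk(root):
        for name in files:
            m = JAR_RE.match(name)
            if not m:
                continue  # not a commons-collections jar
            artifact, file_ver = m.group(1), m.group(2)
            path = os.path.join(dirpath, name)
            # Prefer the manifest: the file name may have been renamed or shaded.
            ver = parse_version(manifest_version(path) or file_ver)
            findings.append((path, artifact, ver, is_vulnerable(artifact, ver)))
    return sorted(findings)


def make_sample_tree():
    """Create a temp dir with constructed jars that mimic an application lib folder."""
    root = tempfile.mkdtemp(prefix="cc-scan-")
    lib = os.path.join(root, "lib")
    os.makedirs(lib)
    samples = {
        "commons-collections-3.2.1.jar": "3.2.1",  # constructed: vulnerable
        "commons-collections-3.2.2.jar": "3.2.2",  # constructed: fixed
        "commons-collections4-4.0.jar": "4.0",     # constructed: vulnerable
        "commons-collections4-4.4.jar": "4.4",     # constructed: fixed
        "other-lib-1.0.jar": "1.0",                # constructed: ignored
    }
    for name, ver in samples.items():
        with zipfile.ZipFile(os.path.join(lib, name), "w") as zf:
            zf.writestr("META-INF/MANIFEST.MF",
                        f"Manifest-Version: 1.0\nImplementation-Version: {ver}\n")
    return root


if __name__ == "__main__":
    root = make_sample_tree()
    for path, artifact, ver, vuln in scan(root):
        fixed = ".".join(map(str, FIXED[artifact]))
        status = f"VULNERABLE (< {fixed})" if vuln else "ok"
        print(f"{os.path.relpath(path, root)}: {'.'.join(map(str, ver))} -> {status}")
```

Point `scan()` at the real installation directory instead of `make_sample_tree()` to check a deployment. Because, as the note says, replacing the jar does not cover every scenario, a JVM-level deserialization filter (`-Djdk.serialFilter=...` rejecting the `org.apache.commons.collections.**` and `org.apache.commons.collections4.**` packages, available since Java 8u121 and 9) is a second layer worth adding to the process that exposes the RMI service.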
Vendor Information

|Vendor|Status|Date Notified|Date Updated|
|---|---|---|---|
|TP-LINK|Affected|03 Jul 2018|16 Oct 2018|
Thanks to an anonymous reporter for reporting this vulnerability.
This document was written by Garret Wassermann.
- CVE IDs: CVE-2018-5393, CVE-2015-6420
- Date Public: 18 Sep 2018
- Date First Published: 26 Sep 2018
- Date Last Updated: 16 Oct 2018
- Document Revision: 85