TP-Link’s TL-WPA4220 V4.0 Cleartext Credentials in Cookie

Model: TL-WPA4220

Firmware: 4.0.2 Build 20180308 Rel.37064

Hardware: Version: TL-WPA4220 v4.0

CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28857

Update: https://static.tp-link.com/beta/2021/202103/20210316/wpa4220v3_eu-up-ver1-0-0-P1-20210316-rel53466-APPLC.zip

TP-Link’s TL-WPA4220 V4.0 username and password are sent via the cookie.

The password is sent as md5.

If an attacker cracks the md5, attacker may log in existing router interface.