A misconfiguration in HTTP/1.0 and HTTP/1.1 of the web interface in TP-Link AX10v1 before V1_211117 allows a remote unauthenticated attacker to send a specially crafted HTTP request and receive a misconfigured HTTP/0.9 response, potentially leading into a cache poisoning attack.
References
Link | Resource |
---|---|
http://ax10v1.com | Not Applicable URL Repurposed |
http://tp-link.com | Product |
https://www.tp-link.com/us/support/download/archer-ax10/v1/#Firmware | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-12-17T14:32:24
Updated: 2021-12-23T21:26:54
Reserved: 2021-09-20T00:00:00
Link: CVE-2021-41451
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-12-17T15:15:07.493
Modified: 2024-02-14T01:17:43.863
Link: CVE-2021-41451
JSON object: View
Redhat Information
No data.
CWE